CALIFORNIA APPROVES BALLOT MEASURE EXPANDING CONSUMER DATA PRIVACY EXPECTED TO ROLLOUT NATIONALLY

Data443 is Well Positioned to Benefit from
Continued Increasing Cybersecurity Burden Imposed on Businesses

RESEARCH TRIANGLE PARK, NC, Nov. 06, 2020 — Data443 Risk Mitigation, Inc. (‘Data443’ or the ‘Company’) (OTCPK: ATDS), a leading data security and privacy software company, provided an update on the California Privacy Rights and Enforcement Act (‘CPRA’), approved by California voters on November 3rd, 2020. The CPRA is a new California state law that expands consumer data privacy, obligating businesses to provide consumers with the ability to opt-out of the collection of sensitive personal information collected, and further requires businesses to refrain from sharing the personal information of users, if requested. The CPRA expands, amends, and increases the protections afforded by the California Consumer Privacy Act (CCPA), which was adopted January 1, 2020, with enforcement actions initiated in July 2020.

Jason Remillard, CEO of Data443, provided the following insights and commentary, “The CPRA creates an even bigger cybersecurity burden for businesses than the CCPA. The new law is undoubtedly our country’s strictest consumer data privacy law, imposing stringent legal requirements on how businesses collect and share consumer data. It also establishes a new state agency (with a $10 million per year budget) to implement and enforce CPRA. In short, the CPRA imposes an increased duty on businesses to provide reasonable security for sensitive data, with penalties for breaches including for emails and passwords.

“People have a right to their personal data, and the right to protect it. Under the CPRA, businesses must enable those rights by protecting personal data and providing consumers with access to their personal data. As Data443 is All Things Data Security™, we already support all facets of the CPRA for our clients automatically. Our diverse and unmatched product feature set protects emails, documents, databases, and third-party services – in the cloud, in your own office or remotely at your employees’ home office.

“The CPRA is very similar to Europe’s GDPR law, for which Data443 has a proven solution – Data443® Global Privacy Manager, the privacy compliance and consumer loss mitigation platform which is integrated with our ClassiDocs® platform. Additionally, almost 40,000 businesses already utilize our world leading WordPress GDPR Framework daily to protect their businesses and support their customers for GDPR requests. Under the CPRA, consumers are entitled to know the categories of information collected and can even see the specific bits of information a company has on them, such as their email or address. Consumers can also order companies to not “sell” their data to other companies, and “opt-out” from well as order any company that has collected their data, and anyone the company has shared that data with, to delete it from their records. This is the so-called “opt-out” provision.

“What does this mean for Data443? It means greater commercial opportunities for us, because this is what we do. Since the CPRA holds companies responsible for ensuring that data it has shared with third parties or vendors is properly deleted upon request, in addition to protecting the data, these companies will need our products, services, and expertise.

“The CPRA is the continued and inevitable maturation of global privacy policies. Every jurisdiction in the world is experiencing this. One cannot provide solutions for this marketplace without a wide, mature, and combined product offering that covers all types of data, in all locations, in all sorts of formats managed by all sorts of relationships. Businesses are ultimately responsible for the stewardship and management of this personal information, and this represents a great shift in the way information has been managed in the past.

“Businesses are now recognizing this new ability or capability as a competitive differentiator. The ability to properly deliver, manage and journey a customer through a privacy request scenario becomes minimally a competitive differentiator – and in many cases – a situation of serious customer retention.

“Much like in the days when telecoms didn’t provide detailed billing of their services on a monthly basis – customers naturally migrated to service providers that were more transparent with their services and offerings – like detailed billing of every call and service charge – dragging the whole industry along with it. We have anticipated privacy compliance following the same path, and it continues to do so.

“Nearly 100% of our existing customer base has an existing privacy compliance or management program actively in place – having the same or more visibility at the board level as information security or other serious programs at the board level.”

About Data443 Risk Mitigation, Inc.

Data443 Risk Mitigation, Inc. (OTCPK: ATDS), is the de facto industry leader in Data Privacy Solutions for All Things Data Security™, providing software and services to enable secure data across local devices, network, cloud, and databases, at rest and in flight. Its suite of products and services is highlighted by: (i) ARALOC, which is a market leading secure, cloud-based platform for the management, protection and distribution of digital content to the desktop and mobile devices, which protects an organization’s confidential content and intellectual property assets from leakage – malicious or accidental – without impacting collaboration between all stakeholders; (ii) DataExpress®, the leading data transport, transformation and delivery product trusted by leading financial organizations worldwide; (iii) ArcMail, which is a leading provider of simple, secure and cost-effective email and enterprise archiving and management solutions; (iv) ClassiDocs® the Company’s award-winning data classification and governance technology, which supports CCPA, LGPD, and GDPR compliance; (v) ClassiDocs® for Blockchain, which provides an active implementation for the Ripple XRP that protects blockchain transactions from inadvertent disclosure and data leaks; (vi) Data443® Global Privacy Manager, the privacy compliance and consumer loss mitigation platform which is integrated with ClassiDocs® to do the delivery portions of GDPR and CPRA (previously, CCPA) as well as process Data Privacy Access Requests – removal request – with inventory by ClassiDocs; (vii) Resilient AccessTM, which enables fine-grained access controls across myriad platforms at scale for internal client systems and commercial public cloud platforms like Salesforce, Box.Net, Google G Suite, Microsoft OneDrive and others; viii) Data443 Chat History Scanner, which scans chat messages for Compliance, Security, PII, PI, PCI & custom keywords; (ix) the CPRA Framework WordPress plugin, which enables organizations of all sizes to comply with the CPRA privacy framework; (x) FileFacets™, a Software-as-a-Service (SaaS) platform that performs sophisticated data discovery and content search of structured and unstructured data within corporate networks, servers, content management systems, email, desktops and laptops; and (xi) the GDPR Framework WordPress plugin, with over 30,000 active users and over 400,000 downloads it enables organizations of all sizes to comply with the GDPR and other privacy frameworks. For more information, please visit http://www.data443.com.

Forward-Looking Statements

The statements contained in this release that are not historical facts are forward-looking statements as defined in the Private Securities Litigation Reform Act of 1995. Words such as “may,” “will,” “could,” “should,” “expect,” “plan,” “project,” “intend,” “anticipate,” “believe,” “estimate,” “predict,” “potential,” “pursuant,” “target,” “continue,” and similar expressions are intended to identify such forward-looking statements. The statements in this press release that are not historical statements, including statements regarding Data443’s plans, objectives, future opportunities for Data443’s services, future financial performance and operating results and any other statements regarding Data443’s future expectations, beliefs, plans, objectives, financial conditions, assumptions or future events or performance that are not historical facts, are forward-looking statements within the meaning of the federal securities laws. These statements are not guarantees of future performance and are subject to numerous risks, uncertainties, and assumptions, many of which are beyond Data443’s control, and which could cause actual results to differ materially from the results expressed or implied by the statements. These statements are not guarantees of future performance and involve risks, uncertainties and assumptions that are difficult to predict, and include, without limitation, results of litigation, settlements and investigations; actions by third parties, including governmental agencies; volatility in customer spending; global economic conditions; ability to hire and retain personnel; loss of, or reduction in business with, key customers; difficulty with growth and integration of acquisitions; product liability; cybersecurity risk; anti-takeover measures in our charter documents; and, the uncertainties created by the ongoing outbreak of a respiratory illness caused by the 2019 novel coronavirus that was recently named by the World Health Organization as COVID-19. These and other important risk factors are described more fully in our reports and other documents filed with the Securities and Exchange Commission (“the SEC”), including under (i) “Part I, Item 1A. Risk Factors”, in our Registration Statement on Form 10 filed with the SEC on January 11, 2019 and amended on April 24, 2019; (ii) “Part I, Item 1A. Risk Factors”, in our Annual Report on Form 10-K filed with the SEC on 17 April 2020; and, (iii) subsequent filings. Undue reliance should not be placed on the forward-looking statements in this press release, which are based on information available to us on the date hereof. Except as otherwise required by applicable law, we undertake no obligation to publicly update or revise any forward-looking statements, whether because of new information, future events, or otherwise.

The Data443® logo, ClassiDocs® logo, ARALOC logo and DataExpress® are registered trademarks of Data443 Risk Mitigation, Inc.

All product names, trademarks and registered trademarks are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, trademarks and brands does not imply endorsement.

All other trademarks cited herein are the property of their respective owners.

For Further Information:

Follow us on Twitter: https://twitter.com/data443Risk
Follow us on Facebook: https://www.facebook.com/data443/
Follow us on LinkedIn: https://www.linkedin.com/company/data443-risk-mitigation-inc/
Signup for our Investor Newsletter: https://www.data443.com/investor-relations/

Investor Relations Contact:
Matthew Abenante
ir@data443.com
919.858.6542

Primary Logo