DEREK BARKA
MEET DEREK
PARTNER, CHIEF TECHNOLOGY OFFICER
As Chief Technology Officer at SilverTech, Derek defines and drives the agency’s technology vision—helping clients harness data, digital platforms, and emerging technologies to solve complex business challenges and build meaningful, lasting customer relationships.
Known for finding solutions to the toughest and most complicated technology challenges, Derek combines innovation with deep expertise across enterprise architecture, cloud infrastructure, custom development, and big data. He brings a security-first mindset and a sharp focus on privacy and compliance, enabling organizations to build secure, scalable, and future-ready digital ecosystems.
Derek serves as a strategic adviser to both SilverTech’s technology partners and clients. He works closely with platform providers—often consulting on product roadmaps—to ensure solutions align with real-world business needs and deliver maximum value. He also helps client organizations develop and execute digital roadmaps that make the most of their existing systems and data, integrating legacy technologies with modern platforms where and when it makes sense to drive growth, stay competitive, and support long-term success.
Throughout his career, Derek has played a key role in shaping the tools and platforms that power modern digital marketing. He is a recognized authority and thought leader in the martech space—recently named a Kentico MVP and Progress Sitefinity Champion. Derek holds numerous certifications, including Kentico Developer, Kentico Marketer, Sitefinity Developer, and Sitecore Developer.
Data Privacy Laws Update: January 2025
By: Paul Creme | 2/11/25
Starting this year, about twenty states already have, or will soon, adopt privacy laws similar to California's.
California adopted its privacy law statute in 2018, which was modeled to a degree upon the EU-GDPR regulation adopted by the European Union, also in 2018. Since then, California has amended the law, and it is now known as the California Privacy Rights Act (the “CPRA”).
The following states have chosen to adopt some form of a privacy statute or regulation including Colorado, Connecticut, Delaware, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, and Virgina. It is likely that others will soon follow.
Given the considerable number of states that have chosen to codify rights to privacy in personal data, it makes sense for your business to review your company’s website with your counsel to confirm it is fully compliant.
Although each state has slightly different rules and effective dates, most states have made the law effective as of January 1, 2025. While certain states have grace periods, it is best practice to review your website’s privacy policies as soon as possible.
Companies often reference the EU-GDPR and California statute specifically. If your company does business across state lines, state specific language may not be appropriate. Also, while you may believe that you do not have to worry about crossing state lines, remember it is more than likely that a consumer from another state may access your website, and thus, the law in their state would apply. Given the wide range of states, this possibility is exceedingly high.
Pro-Active Steps You Should Consider Implementing
- Determine what state laws, if any, apply to your business. This may be appropriate if you are very state centric, but a better approach may be to be more general in your approach and reflect this language on your website.
- Identify and categorize your processed personal data to understand your obligations. It may differ from state to state, so be sure to work with your attorney to make sure you are in compliance with the most stringent data retention requirements and be sure website users always have the right to be forgotten. Ensure your privacy policies are transparent and reflect the new legal requirements.
- Strengthen your internal data protection practices to safeguard consumer information. Review service provider agreements with vendors that process personal information on behalf of your business. Don't forget, if your company uses third parties to process information, ensure they follow the same data procedures regarding the data they process.
- Be prepared to comply with requests from consumers concerning privacy rights. This includes rights to opt-out of sale or deletion and return of personal information. It is crucial to educate your staff about the new laws and their roles in maintaining compliance.
We cannot provide specific legal advice regarding the wording that may be most appropriate for your company, but we can assist you in making website changes your company deems as necessary. This could include content updates, content integration with data privacy, and content management tools.
Reach out to contact your account manager with any questions.
