Europe and the GDPR kickstarted a global trend of seeing the importance of data protection. Consumers have begun to understand how their data may be used, and for what purposes, and companies around the world are now taking steps to ensure that data is kept safe.
GDPR applies to any organisation that operates in the EU, and or processes the data of someone who resides in the EU. The data includes anything from names, addresses to photos and sensitive information such as race and religion. GDPR ensures that these pieces of information cannot be used to violate an individual’s privacy which means that organisations must be open and transparent about how they collect, store, and use the data as well as giving an option to opt-out of services. Under the legislation, individuals also have a ‘right to be forgotten’, meaning that organisations must delete the information of an individual at their request. Last year, fines for violating GDPR regulations amounted to over $1.45 billion.
Compared to GDPR in the EU, the USA has trailed behind in data security. There have not been any federal laws passed on data privacy in the US, leaving individual states to decide for themselves what the appropriate measures are to implement. One example of this is California, where the California Consumer Privacy Act (CCPA) came into effect at the beginning of this year. This legislation can see companies being fined up to $7,500 for each individual violation.
Data startup InCountry developed a report examining 128 countries’ data laws. They found that the US ranked in the middle, coming below India and South Korea, meaning there is a lot for the global power to improve on. The report took into account information on regional data protection laws as well as regulatory bodies in place to monitor them.
China and Russia came top of the rankings in the report, and this is largely due to the countries’ running their own type of internet and the strict laws that surround it. Whilst consent is needed for the acquiring of personal data in both countries, the government plays a strong role in surveilling its people. Other countries which scored highly on the list were mainly from the EU, in addition to Australia, New Zealand, Switzerland and Canada.
The country with the least protected citizens according to the list is Brazil. This will change in the coming months as the South American country will implement their own version of the GDPR, the General Data Privacy Law or LGPD.
The United States scored low on the ranking as its data protection laws are limited to a few states; there’s nothing at the federal level to fully protect consumers apart from a couple of limited internet laws developed to protect children from having their information collected. However, this may change soon. New York senator Kirsten Gillibrand has written a bill that hopes to establish a federal agency, much like the ICO in the UK, to enforce data protection laws across the country. The Data Protection Act would enable Americans to control and have protection over their own data.
Though the GDPR is only coming up to two years old, it’s clear that it has set precedent for data protection in the rest of the world, and businesses would do well to start putting data protection at the forefront of their priorities.
Kazient Privacy Experts offer bespoke Data Protection, Privacy and GDPR compliance solutions in a language you understand to UK and international organisations, and has received positive media coverage across Europe. Kazient’s GDPR consultants are fully certified to be your outsourced Data Protection Officer or EU Representative. Get in touch to find out how we can help your business by visiting our website www.kazient.co.uk or calling us on 0330 022 9009.