Data Privacy

How do global privacy laws stack up to GDPR?

With many organisations still struggling to keep up with GDPR, we take a look at four other international privacy policies to see if they're doing things any differently.

In a contemporary compliance realm that can only be described as ‘post-GDPR', the importance for organisations to be responsible for their Personally Identifiable Information (PII) cannot be overstated. Consumers are hyper-aware of their data rights and the fines for non-compliance to privacy laws can be severe and fundamentally damaging to organisations of all sizes. 

However, while the information is well and truly out there now, many organisations are still struggling to keep up. Looking to GDPR, a survey by the International Association of Privacy Professionals - released in October - showed that more than half (56%) of 550 respondents believed themselves to be far from compliant, or will never fully comply, to the regulation. This is a worrying result when considering the maximum penalties of non-compliance to GDPR are €20 million or 4% of annual turnover (whichever is higher).

Furthermore, the EU's famed regulatory masterstroke isn't the only thing companies need to take note of, with more and more countries and jurisdictions updating their own data laws over the past few years and in response to GDPR. This has created a complex web of international data regulation that is increasingly affecting organisations of all sizes and especially those operating in multiple geographies. Essentially, everyone needs to be thinking about privacy and how best to manage the data - and specifically PII - of their customers.

Many would class GDPR as the gold standard of privacy law for citizens, however as organisations struggle to keep up, it begs the question of whether other jurisdictions are doing things any differently. Here, we compare four countries in terms of how their privacy laws are likely to affect the companies that are operating there and how they compare to GDPR. While it must be stated that the privacy laws of individual countries obviously differ slightly in terms of scope (i.e. countries within the EU can opt to enforce stricter privacy laws if need be), it can still be useful to be aware of how other systems work, to fine tune enterprise compliance structures.



Major laws/policies

To continue reading this article register now