The challenge – and the opportunity – of data protection legislation
Take a look at the world map and it’s becoming a bit like an ongoing paint-by-numbers game. In May 2018, a swathe of colour washed through the EU with the introduction of the GDPR. In the months that followed, countries as diverse as Ecuador and India, China and New Zealand proposed or introduced similar legislation.
Soon, a large number of US states will join in, led by the California Consumer Privacy Act (CCPA) which comes into play in January 2020. While a new Privacy Act failed at the last hurdle in Washington, 12 other states including Nevada, New Mexico, Texas, Illinois and New York all have their own legislation in the works which will see data privacy spread from the west coast all the way to the east coast.
Look a little deeper and much of the new legislation is following the example of the GDPR. Phrases like ‘data breach notification’, ‘Data Protection Officer’, ‘data protection impact assessment’ and ‘informed consent’ are becoming common parlance.
Rather than being a challenge for business, however, this presents an opportunity. Align with one regulation like the GDPR, the CCPA, or India’s upcoming Personal Data Protection Bill and you’re likely to be compliant or close to compliant with others that are in play now or will be introduced in the future.