A somewhat persistent misconception when it comes to privacy is the claim that the United States are a wild west when it comes to the handling of personal data. While it’s true there is no single law that governs all data processing like the European Union’s General Data Protection Regulation (GDPR), there are in fact hundreds of privacy and data security laws.
Most of the 50 US states have adopted one or more privacy or data security laws, while at the federal level there are sector-specific privacy or data security laws, including laws applying to e.g. financial institutions, telecommunications companies, personal health data, children’s data, telemarketing, and direct marketing.
Much has already been said about the Californian CCPA, which will come into effect as of 1 January 2020; however, there are a significant number of new privacy bills being proposed, both at a state level and at a federal level. It is thus safe to assume that the already complex landscape is going to be increasingly difficult to navigate.
A recent piece of research by the IAPP analyzing 15 proposed or recently adopted laws has nevertheless identified several common themes, such as the right to access data, data breach notification laws, or purpose limitation laws. It’s an ongoing effort, which can be found free of charge on their website.
The USA is also home to one of the most effective regulators, the Federal Trade Commission, which has a significant track record when it comes to enforcing and protecting consumer rights. It was only last month when Facebook announced it set aside $3 Million ahead of an FTC fine following the Cambridge Analytica scandal.
In other words, the US is far from a wild west when it comes to handling personal data or personal identifiable information as it is more commonly known in the States. It is a highly complex framework of both State and Federal laws, backed up by a strong regulator.
To help you better navigate these laws, we are organizing a webinar on Thursday 9 May, where a panel of experts will walk you through this year’s most pressing questions and ensure you stay ahead of the curve in this increasingly complex data protection legislative landscape. Register now to watch it live or at a later moment on demand.
1 comment
Great article, and thank you for including the reference URLs.
Here in the USA, a newer technology called UBDI is one of many keenly interested in this topic.
Thank you!
Scott