Europe vs.  U.S.

A Digital Privacy Laws Comparison

Digital Privacy Laws: How Europe Protects Your Online Data Differently than the U.S.

Both Europe and the U.S. are facing far-reaching changes regarding digital privacy laws. However, the effects on data privacy differ drastically. We shed some light on the main differences between digital privacy laws in Europe and the U.S. and explains what multinational companies operating on both continents should know.

Digital Privacy in the European Union

On May 25, 2018 – less than a year from now – the EU will put into effect one of the most far reaching and punitive measures dealing with digital privacy. The General Data Protection Regulation (GDPR) - is literally privacy on steroids and far beyond what we have ever seen.

A long list of identifiers (aka Personally Identifiable Information or PII) now fall within the purview of this regulation. In addition to the more recognizable PII like name, gender, sexual orientation, location data, economic, cultural, and economic data etc. we can now add IP addresses, genetic information and even biometric data.

Further, any EU resident may request access to their data and is entitled to enforce the “Right to be forgotten” whereby their personal data must be erased. The catch is that such erasure needs to occur from every instance where such data may have been shared! In cases where the data is deemed inaccurate, the data subject can enforce the “Right to restrict the processing of personal data”. Data subjects have the right to data portability and even to object to be evaluated based on automated processing systems. The list is very long indeed.

The law applies to any company doing business in the EU, and not just for companies based in the EU.

Breaches must be disclosed within 72 hours and if you have second thoughts about complying with the regulation, consider the penalties: 4% of global gross revenues or € 20 million – whichever is higher!

Based on 2016 revenues, a fine for Apple would be $ 8.6 billion. Think they are not going to take this seriously? Unlikely. By some estimates fully 95-98% of US companies doing business in the EU, are not prepared and are not on track to become compliant by May 2018. A frightening prospect.

Digital Privacy in the United States of America

On April 3, 2017, while the country was occupied with the latest crisis headlines, President Trump signed the repeal of the internet privacy rules into law. There was not even a comment from the White House and no photo opportunity of the President signing this law. Very few even noticed. The resolution passed by a 50-48 vote in the Senate and 215-205 in the House.

The repealed internet privacy rules had been aimed at preventing internet providers from selling personal data without permission.

This battle, which had pitted large internet service providers and tech giants against consumer advocates and privacy rights groups, became history, and those ISPs that were interested in selling private data, won the day. Privacy took a blow to the nose.

In one report, consumer and rights advocates were outnumbered 50:1 by the lobbyists for their opponents. Critics of the rules had argued that this was an example of government overreach. One of the arguments for eliminating the rules was that these rules “would cause consumers to miss out on customized promotions”.

Now experts argue that these huge new databases of personal information are likely to become targets for hackers, law enforcement and spies.

The tide of consumer complaints, as more citizens become familiar with what has transpired is now causing some lawmakers to consider the repeal of the repeal of the internet privacy rules! Time will tell.

What is a Large Multi-National Company Doing Business on both Continents Supposed to do?

EU residents want to enhance privacy and whereas in the USA privacy has just been shredded. With this diametrically opposed cauldron of laws to deal with, how should companies respond?

Unfortunately, this is now a very confusing and contradictory landscape with no quick and easy path to resolution. Angela Merkel recently called for international regulations for the digital world. She went on to say that Europe and the US need to work together to ensure sensible rules because the “standards had been very erratically set so far”. For many companies, the statements resonate but a collaborative approach between continents is an elusive dream.

In the meantime, global companies must deal with a bipolar set of regulations making compliance a nightmare scenario.

  • IT Market
  • GDPR, Data Security, Data Management

Comment on this article

Leave a comment to let us know what you think about this topic!

Leave a comment

Author

Blog Editorial Team

Trend Scouts

IT Trends and industry-relevant novelties

Related Articles

  • 22 October 2019
  • Blog Editorial Team
  • IT Market, Digital Transformation
  • Trends, Digitization, Strategy

3 Key Barriers to Digital Transformation

Businesses have understood the Digital Transformation and have placed it at the heart of their corporate strategies. Still, a lot of DX projects fail.

Agility & Company Transformation - We Have Transformed, What’s Next?
  • 01 October 2019
  • Karol Kłaczyński
  • IT Market, Digital Transformation
  • Agility, Scrum, Software Development

We Have Transformed, What’s Next?

When transforming towards an agile organization, similar questions can appear, especially from the top or fact-driven management. Our Scrum Master Karol provides insides and recommendations on how to face company transformation challenges.

what has been going on in the world of IT

IT Insights in September

The IT world is such a rapidly developing field that it may sometimes be hard to stay up-to-date. With our monthly IT insights you won’t lose the overview. Read about the latest vendor news and trending topics.