International Data Protection Laws in a Nutshell

The year is 2019 and the world is an established global village where the currency is data. There is an existing, and growing, deviance in the form of corrupt practices relating to data misconduct. Thus, as expected of any community, our global village has responded with proactive methods. 

Viscidity of tech-aided malicious acts such as data breaches, phishing and identity theft, among a range of others, promoted the urgency for global awareness in data protection. These criminal actions have gone beyond local networks and like most things in technology, they have spread across international borders. Data breaches have become a rampant occurrence across the world and as expected, nations and corporate bodies have responded duly.

In 2016, the General Data Protection Regulation (GDPR) was created as a regulation for inclusion in the European Union law. Although not implemented till 2018, the GDPR is the most comprehensive data regulation law. It encompasses details on protection for citizens within the European Union and European Economic Area. It also includes regulations for data transfer beyond the EU and European Economic Areas. 

Several nations have adopted data protection regulations in this regard, as it pertains to their laws and government in general. These regulations are set up to safeguard the data and internet transactions of individuals and organizations within their constituencies. However, the European Union stands out with the largest and, to an extent, the most adopted data protection law in its member countries. 

Why we need data protection 

Accounts details, passwords and other crucial information have been rendered easily accessible with the development in technology and concurrent knowledge acquisition by hackers. This puts individuals and businesses at risk of impersonation, privacy infringement, data theft and other cyber misconduct. 

Due to the nature of cyber crimes, it can actually prove difficult for an average individual to track and apprehend the perpetrator. The consistency in e-transactions and internet usage makes most people unable to avoid putting their data out. Essentially, people are exposed to malicious activities. This results in an imminent need for data protection, a movement that dates as far as the 60s and 70s in the UK. 

Data protection regulations in the world 

Across the world, nations have set up their data laws in alignment to the principles of the GDPR which are: 

  • Lawfulness, fairness and transparency 
  • Purpose limitation
  • Data minimization
  • Accuracy
  • Storage limitation
  • Integrity and confidentiality (security)
  • Accountability

Centralized on the aforementioned principles, nations have created their individual data protection and privacy laws for the benefit of their citizens:

  • South Korea had its privacy act implemented before the GDPR, but its data protection laws reflect the principles of GDPR.
  • Subsequent to the first data regulation law in the United Kingdom during the 1960s, several revisions have been conducted. The first law was enacted as governmental response to the increment in computer usage and introduction of digital databases. 
  • The United States of America, in comparison, is yet to have an all-encompassing federal law on data protection for citizens. However, the state of California enacted the first law on data-breach notification in 2003. Closely following, the 49 other states have their specialized laws binding companies and governmental agencies to inform individuals on breeches which may compromise their information. 
  • Lei Geral de Proteçao de Dados (LGPD) is Brazil’s national data protection law which was sanctioned in 2018. To be fully effective in 2018, the LGPD was drafted in line with the GDPR with obvious distinctions. Similarities between the LGPD and the GDPR are evident in the scope, applicability and highlighted penalties. 
  • In Australia, the Privacy Amendment (Notifiable Data Breaches) to Australia’s national Privacy Act was fully implemented in February, 2018. This amendment notes that organization which fail to report threats of data breach may pay a fine up to 1.8 million AUD.

Protecting your privacy abroad

In some nations, the Data protection regulations may extend to foreigners or cover citizens while they are outside their borders. However, it is important to have personal safety measures to protect your privacy while abroad.  Thus, if you’re not sure of the privacy laws when travelling, it’s always a good idea to use a VPN. For example,  use the VPN’s Europe-based servers, so that websites you visit would be GDPR-compliant. Read here to find of the best VPN for Europe.

Additionally, follow these tips:

  • If possible, stay off public networks
  • Do not conduct monetary transactions
  • If possible, get a portable hotspot device
  • Back up all your data and use strong passwords.

Data protection is essential for cybersecurity. Thus, it should be the forefront concern for individuals and corporations alike. While a national regulation goes to great lengths to ensure protection, you should be cautious nevertheless.