GRC Viewpoint

Data Privacy Laws: From A 2023 Perspective

Laws regarding data privacy corresponding to the U.S. always have had room for improvement. Besides, big tech companies such as Facebook, Google, and Apple are yet to achieve a comprehensive data privacy law(federal). As a result, U.S. citizens have to be satisfied with minimal data privacy protections. The other countries have a comparatively better scenario. However, the coming years are expected to witness drastic changes. 

There have been different proposals in recent years. However, the industry needs a comprehensive federal law with respect to data privacy in the nation. There has been considerable progress in the last few years. More than other agencies, the ADPPA (The American Data Privacy Protection Act) has seen some success compared to its previous agencies. However, the hurdles to a comprehensive implementation are many. 

READ MORE: Senior Cyber Security Experts in the U.S Are More Confident of Automation Excellence

Also, individual states play an integral role in enacting data privacy laws. As a result, the U.S. encompasses hundreds of data security and privacy laws spread across the states. Data privacy laws govern the storage, collection, disposal, protection, and leveraging of personal data accumulated by citizens. 

Besides the sectoral privacy laws, the nation is experiencing a significant drive toward implementing privacy legislation at the state level. But unfortunately, the federal government needs to reach a consensus on how to bring in broad legislation. 

The state government was forced to set its own rules rather than waiting to implement uniform regulations.

READ MORE: 8 Best Practices for Successful Cybersecurity Compliance Training

Together with these, It is essential to discuss the EU-US Data Privacy Framework. Earlier, businesses transferring data toward the U.S. depended on Privacy Shield, a framework. However, the framework was termed invalid after the Schrems II court case. The incident shifted the focus to the Standard Contractual Clauses. The clause was approved by the European Commission to ensure legal protection for any transfer of data. 

However, these reforms cant be called strong. Businesses belonging to the U.S. are not permitted to depend on them if the clauses are subjected to the FISA’s (The Foreign Intelligence Surveillance Act) section 702. 

To conclude, the U.S. is expected to witness changes in data protection laws beginning in 2023. 

Related Articles

Latest Articles