This year has seen an eruption of new data protection bills and laws, as many countries follow Europe's lead in enacting their first, or stronger, data protection laws. For many global organisations a fracturing of data protection law poses a costly compliance burden and many would like to enforce one standard across their operations. But to what extent are these countries responses similar? Is there a new global standard, and if so is it the GDPR? To what extent do these changes overlap, and what trends not seen in the GDPR are emerging too?
This talk will explore how the world of data protection has changed since the GDPR was passed last year. In particular it will look at how the US policy landscape is changing and the extent to which GDPR concepts are coming through. The US is undergoing enormous change, with the CCPA coming into effect next year, various proposed federal bills, amendments to sector bills, and 16 state level bills all being debated. The talk will highlight some similarities between these various bills and amendments, as well as some of the areas of divergence. It will also draw on other changes, such as the emergence of data localisation laws in China, Indonesia, and India, and some of the laws closer to the GDPR such as Brazil.