Does America need its own GDPR to remain competitive?
Since the EU passed the GDPR in 2018, much debate has taken place about whether America will follow with similar data protection legislation.The U.S. has certainly had its share of high profile data privacy scandals, some of which have resulted in sanctions from EU data protection regulators under GDPR. But, passing data protection law at federal level is complicated, which leaves individual states to determine their own laws.
California took the lead when it passed The California Consumer Protection Act (CCPA) which comes into effect January 2020. The Act mimics the GDPR in that it affords several important rights to residents of the state regarding what, how and why their personal data is being collected.
While this is great for consumers, disparate state-level laws can make it really difficult for organizations that operate in multiple states to keep track. On the flip side, the absence of comprehensive data protection law in the U.S. affects trade potential with the EU.
It’s clear that American lawmakers have data protection top of mind. So, should U.S. companies be preparing for compliance with more complex, stringent and possibly federal data protection laws?
Our expert’s advice on data protection compliance by U.S companies
It takes a long time to pass any law at federal level, more so when the subject matter is as complex as data privacy. But, companies shouldn’t take this as a reason to delay data privacy interventions.
Fortunately there are multiple sources on which to base preparations. For multinational companies that operate in the EU, GDPR compliance will go a long way to being compliant, should similar legislation be passed in the United States.
States could do worse than to base expectations on the CCPA – as this has become the model for at least a dozen other states, which have either drafted or passed copycat legislation in the months since CCPA was passed.
Being ready early won’t just spare an organization the inevitable last-minute rush once legislation does pass, it also comes with a host of business benefits, including improved data management, increased trust, and improved customer loyalty.
COO, The Americas