Published on December 17th, 2019 | by Sunit Nandi0
These 4 Countries Have the Strictest Data Privacy Laws
2019 saw the highest number of instances of data breaches in major firms across the world. We also saw an increasing number of internet organizations, notable among them Facebook, either show a complete disregard for their users’ privacy or fail to follow the Privacy Laws set by authorities.
But what do all these developments signify? They show that an increasing number of people, organizations, and even governments are becoming conscious of data privacy. It’s no longer acceptable to address privacy controversies after they come to light. Rather, governments need to be proactive towards their citizens’ data privacy.
Even India will introduce it’s data privacy legislation later this week. The law will hold companies responsible for that data they collect and give people more control over their personal data collected by said companies, whether its mega-corporations like Facebook or small websites like an Indian casino online. And while we wait for how this law will benefit internet consumers like us, let’s look at what we can learn from 4 countries in the world that have the strictest data privacy laws.
In May 2018, the European Union passed the General Data Protection Regulation (GDPR), establishing a historic precedent for data privacy law worldwide. Since the EU has laws that must be followed by all its members, the GDPR made doing business in Europe fairer and easier, since only one set of rules will govern all companies processing data in the EU.
The law requires that companies clearly state what user data will be collected and how it’ll be used. If a user deletes a photo that was posted as a minor, then it should be able to remove from a social network. What’s more, the social network is required to inform search engines and other websites that the photos need to be removed. Companies violating this law can face fines up to 20 million euros or 4% of their annual global revenue.
While China may be known for keeping a close eye on its citizens’ activities, it’s data protection regulation is commendable. China passed the Cyber Security Law in 2017, which required companies to clearly state to its users what content they were collecting. The process includes a written statement, registration form, a ticked box, message of consent or continuous communication between the company and the user.
The law makes data encryption compulsory while transmitting data. What’s more, companies also need to have a contingency plan in place for security breaches. In 2018, China also introduced the Personal Information Security Specification in 2018 that clearly lays out the details of data protection in the country. Looking at these measures, we can certainly say that many countries have a lot to learn from China.
In 2016, Iceland ranked 3rd out of 170 countries on Artmotions’s list of the safest places in the world to store data. The country’s high standards towards data privacy became clear when it’s parliament passed the Data Protection Ace, voting to implement the GDPR in the country despite not being a part of the European Union.
Another initiative worth mentioning is the Icelandic Modern Media Initiative in 2010 that aimed to provide security to people like investigative journalists by providing source protection, whistleblower protections, and protection for communications between sources and the media. The law even protects intermediaries like ISPs.
California, United States
The state of California is leading the path towards stricter data privacy laws in the US, though we can’t say the same about the whole of the country. The state-approved the California Consumer Privacy Act of 2018 (CCPA) that requires Californian companies to clearly state what data they’re collecting and how they’re going to use it.
Thanks to the law, Californians also have the right to request and delete personal information collected by a company. Additionally, consumers who don’t want their data to be collected can simply opt-out. Though the law will take effect in 2020, it has successfully legitimized the privacy advocates’ movement for stricter data privacy laws. One can imagine that not only will these laws make companies accountable, but they’ll also take consumer a step forward in the rest of the US and possibly even the rest of the world.