Since the GDPR has been introduced, many other countries are following the same trend to protect the personal data of their individuals. Surely it is true that GDPR is not the beginning and certainly it won’t be the end. With the advancement in technology today, it has been easy for cybercriminals and hackers to steal the data of an individual and that is why each country is bringing strict laws that will protect the user data.
To help you get started, here are six examples of countries who have adopted comparable data privacy laws:
1. Brazil:- After GDPR was introduced in EU, Brazil also brought their LGPD which stands for Lei Geral de Proteçao de Dados. The law is very much similar to GDPR in terms of scope, applicability, and financial penalties for non-compliance. According to this law, any organizations that want to do business with Latin America’s largest economy have to comply with LGPD by February 2020. If any organization does not comply with LGPD in Brazil then they have to pay fine up to 50 million BRL (approximately 11.8 million EUR).
2. Australia:- In February 2018, Australia also brought the Privacy Amendment (Notifiable Data Breaches) to Australia’s Privacy Act. According to this law, any company that have annual turnover of over 3 milling AUD have to disclose data breaches that pose a “real threat of serious harm” within 30 days of their discovery. If an organization fails to do so then they have to pay up to 1.8 million AUD (approximately 1.1 million EUR).
3. USA: – In U.S.A, currently there is no data privacy law applicable to all industries on the federal level. Although, every state in the US has its own data privacy laws to protect the personal data of U.S individuals. These rules and regulation in each state have set their own scope, applicability, and penalties. But if we talk about these states then the most recent and strict law adopted by any U.S state is California Consumer Privacy Act (CCPA). CCPA has many codes and standards that overlap with GDPR.
4. Japan:- In May 2017, Japan’s Act on Protection of Personal Information was enforced. The law is much similar to GDPR and all the organizations (Both foreign and domestic companies) that have access to the data of Japanese citizens have to comply with this law. Similar to GDPR, companies located outside of Japan also have to follow the guidelines laid down in Act.
5. South Korea: – In South Korea, the law that protects the data of South Korean residents was introduced way before GDPR. South Korea’s Personal Information Protection Act has been in effect since September of 2011.6.
6. Thailand: – Thailand introduced the PDPA (Personal Data Protection Act) in February 2019. This act will come into effect on 27 May 2020. PDPA is very much similar to GDPR in many ways including the protection of personal data of residents etc.