GDPR to have positive effects outside of Europe, says US group
A US consumer group has predicted that the impact of the EU’s General Data Protection Regulation (GDPR) will force organisations around the world to improve their data protection practices.
According to the Consumer Action group, the competitive pressure caused by the GDPR and its requirements to organise user data will benefit all consumers, whose privacy rights are currently not well protected.
In the US particularly, the group adds, consumer rights are determined by a “spotty patchwork” of federal or state laws which are inadequate to properly protect them and their online information.
Though some credit, health and children’s data come under separate laws with extra protections - via the Fair Credit Reporting Act, the Health Insurance Portability and Accountability Act and the Children’s Online Privacy Protection Act respectively - these rules are focused only on individual or parental consent or for data processors to give fair notice.
From May this year, however, all companies that handle data belonging to EU citizens must abide by the GDPR or be heavily fined, regardless of where the processing firm is headquartered.
Consumer Action adds that, because US companies are unlikely to make determinations or new guidelines on a country-by-country basis, their data protection, retention, correction and deletion practices will likely improve for consumers outside of the EU.
The group picked out the fact that many companies are already carrying out “data hygiene” exercises to improve practices before the GDPR’s requirements hit.
Linda Sherry, director of national priorities at Consumer Action: “As global firms adapt to the EU’s data protection law, we’re hopeful that all consumers will benefit from stricter data security and gain a reasonable measure of control over their personal information that so many others prosper from the EU’s strong regulation.”