The fact of the matter is that various places around the world have different laws and regulations, especially when it comes to data privacy. Today, we will walk you through a representative sample of 4 different countries and take a deeper look into the local data privacy privacy laws that are in effect in each of these.


  • Canada


In Canada, there is a legislation called Bill C-6 of the Personal Information Protection and Electronic Documents Act that governs the collection, use, and disclosure of personal information. Originating in the year of 2000, its recent amendment in 2018 made it compulsory to notify those affected in a data breach.


There are new data privacy legislation changes on the horizon in Canada. Most notably, Bill C-11, if signed into law, will introduce certain reforms, including the ones that have to do with information deletion, consent requirements, violation fines, OPC enforcement powers, and the right to data probability.


  • Germany


Germany is known as the data privacy protection leader on a global scale. Compared to other jurisdictions, its privacy protection laws are considered substantially more robust. In 2017, the Federal Protection Act came into effect, replacing the now-outdated one from 2001. One of the key takeaways is that it works in conjunction with GDPR, one of the strictest privacy and security laws in Europe and worldwide.


In the revamped version of the Federal Data Protection Act, the general obligations of those who process and collect data were made more clearly defined. These apply to both private and public parties.

GDPR does not tread lightly on data privacy violations.


Source: Pixabay.com


  • United States


The US is known to have taken a sectoral approach to data privacy, meaning its laws tend to be sector-specific. Instead of putting all the focus on government intervention, the US system incorporates a combination of self-regulation, regulation, and legislation. Oftentimes, you’ll see one single state having an excess of 100 privacy laws.


If we were to pick a notable example, it would have to be California’s CCPA. It outlines 4 key personal data management rights:


- The right to opt out


- The right to assess


- The right to notice


- The right to equal services


Any company that operates in the state of California is legally obliged to obtain consent before being allowed to process user data. Consumers also have the right to view, obtain, delete, and ask for their personal data to be corrected at any time.


  • China


Given how censorship works in the country, it’s no surprise that China takes data privacy very seriously. One notable privacy law originates from the year of 2018 and it’s called the Information Technology – Personal Information Security Specification.


Allegedly, its provisions are even stricter than Europe’s GDPR as part of which you’re given the right to opt out of data brokers. Its privacy laws stipulate that no user data shall be collected without explicit consent. Moreover, the consent can be revoked at any time, thus giving the power back to the people in regard to how they want their personal data to be treated. 


Prior to 2018, China had multiple federal laws in place to address the data privacy problematic, including:


- Criminal Law 2015


- Cybersecurity Law 2017


- Consumer Protection Law 2014


- Protection of Network Information 2012


- National Standard of Information Security Technology 2014


In 2020, new changes were set in motion, with China introducing the PIPL legislation that builds upon the previously set legal bases for data processing in absence of the user’s consent, increasing their rights and more.


  • Conclusion


In the last decade, many things have been done to protect the consumers against unlawful data gathering and processing. The key takeaway is, data privacy violations are unfortunately not yet a thing of the past, but with each passing year, the end-users have more say regarding how their personal data ought to be handled.