The Ramp-up in Data Privacy Regulations in North America
Gartner Inc. anticipated that, by the end of 2023, 65% of the world’s population will have their personal data covered under modern privacy regulations. This figure is up from 10% in 2020, illustrating the explosion in data privacy laws around the world. While the EU GDPR is widely seen as the legislative benchmark in this area, Canada introduced the Personal Information Protection and Electronic Documents Act (PIPEDA) back in 2000 and is planning to introduce even stricter regulations soon. In the meantime, the USA is starting to play catch-up. Having worked with data in its many forms for over 25 years, DMI has vast data compliance expertise, which is incorporated into the JiVS Information Management Platform, making sure customers who operate in North America and elsewhere around the world are always fully compliant with the latest privacy laws.
Protecting data privacy in Canada
Although the PIPEDA was first introduced in 2020 to protect data and privacy in Canada, the government has proposed a bill (Bill C-27) to reinforce the existing regulations and give consumers greater control over their data as well as increased transparency about how companies use personal data. If passed, the Canadian Consumer Privacy Protection Act (CPPA), implemented through the broader Digital Charter Implementation Act, would result in substantial changes to the PIPEDA and apply to all companies that collect personal data in Canada. The proposed bill also includes the Personal Information and Data Protection Tribunal Act (PIDPT) and the creation of a new Data Protection Tribunal, as well as the introduction of the Artificial Intelligence and Data Act (AIDA), to provide a legal framework for regulating AI. Companies will need to understand how any new legislation affects them and what new requirements they will need to fulfill in order to remain compliant and avoid hefty fines or even prosecution.
USA playing “data protection” catch-up
Overall, the USA is lagging behind in terms of data privacy laws and protecting the data privacy rights of its citizens. A small number of states are leading the way, however – the California Privacy Rights Act and the Virginia Consumer Protection Act both came into force on January 1, 2023. Later this year, these will be followed by the Colorado Privacy Act and the Connecticut Data Privacy Act on July 1, and the Utah Consumer Privacy Act on December 31. Having recognized the urgent need for suitable nationwide legislation in an increasingly digitized world, in June 2022 a new bill was approved by the U.S. House of Representatives Committee on Energy and Commerce: the American Data and Privacy Protection Act (ADPPA). If passed by the House and the Senate, the new laws would provide federal protection of personal data for all US citizens in all fifty states. To make sure they do not fall foul of the new state laws and any future federal legislationn, all companies that collect and process personal data will need to keep up to date with the changes that impact them.
Recommended by LinkedIn
Data Migration International’s Information Management Platform JiVS is deployed at companies across North America and Europe, which means that ensuring compliance with data privacy regulations on both sides of the Atlantic is a priority for us. Trying to understand and keep up with the latest legislation is a huge headache for many firms. Contact us to find out more about how we take the pain out of this process and keep all your operational and historical data secure, compliant, and accessible.
Author: Jean Marc Pestoni, Data Migration Expert, Data Migration International