Data Protection And Privacy Laws Across The World
Each of us informs others about ourselves on the internet: full name, date of birth, details of documents, health information, etc.
But this is not just information, it is personal data, i.e. data that allows you to identify a person. With the advent and development of technology, personal data is spreading faster and faster.
Read more about personal data issues on the internet here.
In modern digital reality, such information can be used against a person. Therefore, states around the world are trying to protect the personal data of their citizens.
In the article, we will talk about data protection and privacy laws across the world.
What is GDPR?
GDPR is General Data Protection Regulation. The document provides residents of the European Union (EU) with the opportunity to manage personal data: ask about the purposes of the processing, the place of their storage, and, if necessary, delete them.
What data does GDPR protect?
Personal data is any information about a person by which he is identified: gender, age, place of residence, mental, cultural, economic, or social identity.
- Transparency and legality. Companies should clearly explain why they collect data and how they plan to use it in the future.
- Goal restriction. If the purposes of data collection have changed, but they continue to be used — this is a violation.
- Minimum information. The data is needed only to the extent necessary to achieve specific goals, you can not request too much.
- Data management. The user can request a copy of all the personal information that you have about him — be ready to provide it within 30 days. The user may also request to delete the data about him without the right to restore.
- Storage restriction. The data retention period should overlap with the period for achieving the goals. As soon as the goal is reached, the data is deleted.
- Storage security. You cannot transfer data to third parties. In case of a leak, report it within three days.
But what about other countries where GDPR doesn’t work? What are the laws and regulations there?
Learn more about world cybersecurity stats in this article.
Data protection and privacy laws across the world
The USA is a country that uses several laws to regulate data privacy. In addition, laws vary from state to state. Of course, such a non-coincidence of data confuses.
By the way, all laws work perfectly and protect the rights of ordinary users. For example, a court recently fined Meta $5 billion for violating user privacy.
In addition to state bodies regulating the enforcement of laws, there are private companies that can establish their principles for processing personal data.
Concerning video surveillance and covert surveillance, everything depends on the state. But as a rule, such a measure is unacceptable in locker rooms or places of solitude.
Surveillance of employees in the workplace, only 2 states require companies to inform employees about monitoring their workplaces.
By the way, the Law on the Clarification of the Legitimate Use of Data Abroad (CLOUD) was recently adopted in the United States, which allowed law enforcement agencies of cooperating countries to request data directly from Internet providers, bypassing the government, which greatly simplified data transfer.
China is the most closed country in terms of information (after North Korea, of course). There is a local internet, the occupancy of which is regulated by special authorities.
All data is stored by the Privacy Law dating back to 2017. Concerning it, internet service providers must obtain the consent of users to collect their data. In terms of structure and norms, this law correlates with GDPR. However, the law does not offer or establish clear instructions and rules for data compliance and use.
Therefore, all user data is often transferred between departments and agencies. Moreover, state intelligence has the right to request data from any organization or citizen. And he will be obliged to provide all the necessary information.
In addition, China’s intelligence and law enforcement agencies can intercept private messages without a court order. And the method of interception is chosen by the special services themselves.
Employees of enterprises are not protected in any way when it comes to their communication. Even though, the data subject must give his consent to the data collection.
There are no time limits for storing data, but there are special requirements for what data needs to be stored. For example, text message service providers must store various information for at least five months.
China censorship and surveillance issues are here.
The UK is governed by the generally accepted GDPR law. Nevertheless, the country has created and issued its data protection law, which came into force after Brexit.
Concerning video surveillance and covert surveillance, the country offers enterprises to inform ICOs for what purpose they carry out video surveillance and inform people that they are being monitored.
To intercept messages, several warrants are required, as well as government access to data.
Besides, workplace monitoring is allowed in the country (if employers can justify their reasons) and there have been cases when employees have been fired for using social networks during working hours.
Russia has its own laws governing the collection, storage and use of personal data. For example, the Law on Data Protection regulates the procedure for implementing data security in the jewelry network
The Law on Data Storage regulates the rules and methods of reliable data storage from outside interference.
By the way, the adopted laws do not exclude the possibility of using and further processing the data of Russians abroad, if this data was stored in the database and regularly updated.
The developed and adopted Data Protection Law in India is just about to enter into force. In addition, there is no data protection authority in the country, so the protection of user data is very weak at the moment.
However, since recently, the courts of India have begun to protect the confidentiality of data. Therefore, the Aadhaar database was closed, and private companies no longer have the right to request user identification numbers.
By the way, the country plans to ban covert surveillance. However, many do not believe in its work, since surveillance and biometrics are already at a high level in India. By the way, video surveillance is not regulated in any way.
In addition, 10 government agencies have recently received permission to receive, intercept, decrypt and track data on any device. To do this, you only need the approval of the Ministry of Internal Affairs.
Thailand is a country that adopted its own Personal Data Protection Law in 2019. This is the first and only regulatory act that somehow protects user data.
In addition, Thailand is developing an employee workplace monitoring and data storage system. Such a measure will help identify users who violate Thai laws and create “fake news” from work accounts.
The opposition of the country, on the contrary, has backed the new laws, as they are aimed at restricting freedom of speech in the country. Therefore, it will be used to fight critics and the opposition.
The country also has a Law on Computer Crimes, which allows employees of the Ministry of Digital Economy and Society (MDES) to request documents and computer data from internet service providers. Of course, such actions are performed without a warrant. By the way, with a warrant, you can access a lot more information.
In addition, the Thai police have technology that can access chat messages, emails, and text messages. But to obtain such information, a court decision is necessary.
One way or another, the global community is involved in the process of protecting user data both online and offline. Some countries have united and used a common system of norms and rules, while others come up with their own rules that regulate this sphere of human activity.
Protect yourself and your data! Use Utopia P2P to forget about third-party surveillance and tracking.