The General Data Protection Regulation (GDPR) is a regulation in European Union (EU) law that enhances the privacy protocols for personal data use by businesses. GDPR raises the stakes for personal data privacy and sets a firm precedent for the rest of the world to follow.
Safely storing and using your customer’s personal data can be risky. Fortunately, a Houston contractor attorney can prevent you from violating GDPR. In part one of this two-part series, we will examine how GDPR affects the United States.
GDPR in the United States
Although the principles of GDPR are currently only being enforced in the EU, the regulations will have a tangible effect on U.S. businesses, and soon GDPR could become law domestically. Jerry Brown, Governor of California, recently signed a bill that follows the principles of GDPR. This bill will take effect in 2020. California is a state that tends to lead by example and is oftentimes the forerunner for new, occasionally radical, legislation.
Even now, U.S. businesses are feeling the effects of GDPR. Businesses that deal with clients globally using the internet can be based in the U.S. while violating the GDPR rules that govern a European client. This example illustrates the far-reaching implications of GDPR and the renewed support of privacy in the modern world, which the U.S. is expected to mirror sooner than later with its own landmark GDPR bill.
Tech Giants Oppose GDPR
The incoming wave of data protection and privacy requirements in California proves that stateside GDPR is imminent. If California truly embraces GDPR, it could accelerate the adoption of similar or identical laws among other states. However, states should expect considerable resistance from tech giants such as Google. One Google executive forewarned about the unintended consequences of GDPR, but failed to elaborate. CTIA, a trade association representing the wireless communications industry in the U.S., noted that state-specific rules would be confusing for consumers and lead to a suppression of innovation.
Resistance from tech giants is expected since many of these companies face criticism over their handling of personal data, specifically in regard to the actions taken upon discovery of a data breach. California’s proposed act is modeled after GDPR, but remains unique in a few key ways. For example, California’s act will only affect businesses that meet one or more of these conditions:
- Annual gross of at least $25 million
- Handle the information of 50,000 or more people, families, or devices
- Half of annual revenue from the sale of personal information
GDPR is coming. Is your business prepared to protect your clients’ data? In part two, our Houston contractor attorneys will examine the severity of penalties businesses will likely incur for violating GDPR.
Disclaimer: The information contained in this article is for general educational information only. This information does not constitute legal advice, is not intended to constitute legal advice, nor should it be relied upon as legal advice for your specific factual pattern or situation.