Published: May 2021
Since the EU General Data Protection Regulation went into effect on May 25, 2018, it has inspired new privacy laws around the world and focused global attention on privacy.
The number of privacy laws globally has risen, with the United Nations reporting about 66% of countries currently have data protection and privacy legislation. In the U.S., a federal privacy law has yet to be enacted, although 69 different state privacy laws have been introduced since the GDPR entered into effect. In that time, two states have enacted comprehensive privacy laws. Populous countries, like India and China, are considering new bills with many provisions resembling those in the GDPR. Other nations have updated or replaced existing privacy laws to better align with the GDPR’s principles.
While the GDPR has ushered in similar approaches elsewhere, nuances remain, reflecting the history and culture of each nation. As a result, privacy professionals responding to the IAPP’s latest Privacy Governance Survey are split between those adopting a global privacy strategy (44%) and those categorizing data subjects by jurisdiction and handling data according to the local law (34%).
Recognizing that implementing privacy in practice is contextual, policymakers around the world have mandated data protection officers within organizations. Since the GDPR came into force, hundreds of thousands of privacy professionals have taken on this important role.
With full GDPR compliance still elusive, enforcement actions adding up and numerous new laws, privacy pros are turning to privacy technologies and automation for assistance. The privacy tech market has skyrocketed in the past few years.
As privacy pros look toward the future, the GDPR’s influence looms large. For privacy pros looking back over the past three years, it is clear that policymakers, companies and regulators have zeroed in on the importance of privacy to businesses, citizens and societies. The statistics below point to the GDPR’s tangible impact.