Over 2.5 quintillion (1018) bytes of data are created each day. Many of them consist of information that would allow people to be personally identified.
At the same time that we share our personal information, there is a growing concern with how that information is being gathered, stored, used and shared. While many economies like Canada and the EU have privacy laws dating back to the mid-1990s, changes to data practices in the past five years have motivated governments to review or update existing laws.
Changes to privacy laws are being fuelled by growing public concerns with the idea of unrestricted data accumulation and use. For instance, earlier this year, the World Economic Forum found that 1/3 of global citizens have no idea about how their personal information is used and that trust is lacking.
Privacy laws are changing to deal with the real and noticed risks of harm which result from the under-regulated or unregulated data economy. The EU has introduced big reform to laws which are aimed at protecting privacy. The EU's General Data Protection Regulation (GDPR) introduced strict requirements for those that control or process the personal data of the people who live in the EU. The GDPR's stated goals focus on the protection and basic rights of personal information. Certain US states are also entering the ring in the fight for control over personal data. They have passed or are actively considering privacy laws. California is out front. The California Consumer Privacy Act (CCPA) provides greater control to individuals over their personal information. There is a sense that privacy laws are on the near horizon in the US.
These are two examples that are actively pursuing more progressive privacy laws. One important consideration is to harmonize global standards for best law practices. This will ease compliance (遵守) across border and provide a valuable signal to the public that governments are keeping pace with rapid change.