Additional 5% OFF all Instructor-Led Courses: CIPP/E, CIPM & CIPT - Use code CYBER-05 at checkout through to 06/12/21.

Violation fine risk as enforcement comes in across changing data protection landscape

|

by Leanna Cofano, ALLNET Law

While EU GDPR settles in, the implementation of various new global laws take root this year. As their impact starts to come into effect, are companies feeling prepared – Have their privacy practices caught up or been caught out?

 

 

Data Source: IAPP EY Annual Privacy Governance Report 2021

The annual “Privacy Governance Report,” collates responses from international privacy professionals from an online survey, the collaborative work effort by EY and IAPP. This year it looks back on the profession during an eventful 2021 to see how the privacy sphere unfolded in response to the pandemic, with a focus on how office based work is increasingly being carried out remotely.

 

It takes a sweeping drones-eye view across the globe looking to the future regarding compliance with privacy laws impacting global businesses. In particular it examines compliance to Brazil’s General Data Protection Law for the first time following it’s introductory passage year. The report also sheds light on the impact of South Africa’s Protection of Personal Information Act as well as discussing China’s Personal Information Protection Law, which follows cybersecurity reforms, upping the ante of enforcement to companies based there. We see the EU General Data Protection Regulation bringing in high profile fines of millions of euros proving it to be a force to be reckoned with for the likes of tech giants including Google, WhatsApp and Amazon.

 

Whilst in America, without federal privacy protections drawing a benchmark the U.S.A is taking an individual state-led and market driven approach, the report highlights how organisations across America are dealing with the California Consumer Privacy Act and California Privacy Rights Act, as claims begin to grow. Whilst legislatures in Virginia and Colorado are throwing their hat into the mix, seemingly it is being left to companies to make the rules regarding privacy with new technology. So far it appears that tech. companies are striving to lead the way with privacy centric initiatives – from transparency to designated budgets and pledges – helping to address consumers concerns.

 

Ultimately the report offers insights into the running of privacy teams and analyses the workflow between processing vendors and data subjects. Well worth giving a look over to the executive summary and statistics found at the IAPP EY Annual Privacy Governance Report 2021