California became the first major non-European economy to enact data protection regulation similar to Europe’s General Data Protection Regulation (GDPR). The California Consumer Privacy Act of 2018 and the GDPR have dominated the privacy compliance agendas of most businesses and continue to post challenges. Other economies, however, are catching up, including Brazil (Brazil’s Lei Geral de Proteção de Dadostook), Canada (Digital Charter Implementation Act 2020), China (Personal Information Protection Law), and New Zealand (New Zealand Privacy Act 2020). The emerging laws resemble the GDPR and CCPA, but compliance could be vastly different. Companies doing business internationally are advised to employ a global perspective in designing their 2021 compliance efforts.
