A Data Privacy Day Recap
The US and Canada have observed Data Privacy Day every January 28th since 2008. It is a follow-on to Data Protection Day in Europe that commemorates the Jan. 28, 1981 signing of the Council of Europe treaty known as Convention 108. This treaty was the first legally binding agreement designed to protect an individual’s right to digital privacy, anticipating the increasingly automated processing and distribution of personal data.
While remarkably prescient, the original authors and signers of Convention 108 could not have possibly foreseen how data would be being created, shared, processed, and stored today, nor the volume of personal data that exists for virtually every human being on earth.
That original treaty has been enhanced by legally binding legislation over the years in nearly every country in the world, culminating most recently with the most comprehensive law ever enacted to protect personally identifying information (PII). The EU’s General Data Protection Regulation (GDPR) is the most important change to data privacy regulation since that first treaty was signed in 1981. It provides comprehensive data protection and privacy for all individuals within the European Union and the European Economic Area, including the export of personal data outside the EU and EEA.
It has also raised the bar in other countries around the world, with volumes of new legislation patterned after GDPR. The California Consumer Privacy Act of 2018, for example, signed into law in June of 2018, gives California citizens the right to know what personal data businesses possess. As with the EU’s GDPR. Californians in 2020 will not only be able to require that organizations delete their PII, but also forbid those organizations from selling their data to third parties. Since California is now the fifth largest economy in the world, surpassing the UK last year, the impact of this new law will …