GLOBAL PRIVACY AND DATA SECURITY LAW There are two approaches to legally protect the privacy rights of individuals. The United States has primarily taken a sectoral approach with the use and disclosure of personal information regulated by specific industries or sectors. There is no single omnibus privacy law in the United States. In Europe and most countries outside of the United States, a more comprehensive approach is followed with one omnibus law or set of regulations covering all industries and sectors. If a Minnesota business is considering expanding its business outside of the United States, it should consider what foreign laws might apply. An analysis of the proposed activities and whether or not the jurisdiction of any particular country is implicated will help guide the business on what compliance activities may be required relative to data privacy. For example, if any personal information of residents outside of the United States (including employees) is transferred for use by a business situated in the United States, the relevant laws of that foreign jurisdiction will apply. It is impossible for this Guide to cover all of the foreign data privacy and security laws and their nuances. We will, however, try to provide a basic overview of some key issues for a Minnesota business to consider with a focus on the European Union (EU). The data privacy practices, laws, and regulations of the EU have been the basis of much of law and best practices followed in the rest of the world. EU-USA Privacy Law Compared . Privacy laws in the EU and the rest of the world are quite different from those in the United States. In fact, the United States is considered by the EU as being so lax in its privacy laws
135
Made with FlippingBook - Online Brochure Maker