To help security and risk professionals navigate the complex landscape of privacy laws around the world, Forrester created a data privacy heat map that highlights the data protection guidelines and practices for 54 different countries. It also covers other relevant issues like government surveillance, cross-border data transfers, and regulatory enforcement.  Due to the dynamic nature of data protection legislation, we update information within the interactive tool annually.

Here are some important takeaways:

The EU adopted the GDPR; Global Preparations Commence

The EU’s adoption of the General Data Protection Regulation (GDPR) on April 27, 2016 forces foreign governments and corporations to start preparing for compliance. With barely more than two years between adoption and enforcement, firms around the world that do business with European customers — and those doing business in countries following the GDPR’s lead — must now thoroughly examine their privacy and security practices and remediate any control gaps as soon as possible.

Countries continue moving toward the EU standard for data protection.

New legislation outside of the EU often follows the EU’s lead by adopting provisions similar to those in the existing Directive 95/46/EC regulation. The slow global convergence toward the requirements outlined in the regulation continued through 2016. For example, Argentina and Japan strengthened preexisting policies, while Nigeria passed its first comprehensive cybercrime legislation. Japan also established an independent regulatory body (“Privacy Protection Commission”) that oversees privacy issues — a requirement of both the current Directive and the superseding European GDPR.

Several Governments Push For Surveillance – Enabling Legislation

While some countries increased regulation of corporate treatment of citizen data from 2015 to 2016, several others drafted or passed legislation that could grant governments more access to citizen data. Many countries — and not just ones with histories of surveillance — still struggle to reconcile pressure from citizens to restrict surveillance with pressure to glean national security intelligence from civilian data.

How to access Forrester’s 2016 Interactive Data Privacy Heat Map:

This document is not available for individual purchase. Become a client to get access to this document and more Forrester research, aligned to leadership roles across business and technology management. 

To contact Forrester Research click on this LINK