Data theft rules and regulations things you should know (pt.1)

Data Theft rules and regulations: Things
you should know (Pt.1)
Website : www.faidepro.com
Address : 417- Accurate Square, Tagore Road, Rajkot,
India - 360002
E- Mail : faidepro@gmail.com
Mobile No : +919510395794

Issues Faced :
❏ The most serious problem with data theft is its international nature;
for example, systems may be accessed in the United States, data
exploited in China, and the effects felt in India.
❏ Different sovereignties, jurisdictions, laws, and rules will come into
play as a result of this capacity, which is a problem in and of itself.
❏ Furthermore, gathering evidence in such circumstances becomes a
problem because conducting an investigation in three different
countries, all of which do not speak the same language, is nearly
impossible, and our cops’ lack of technological know-how adds to the
problems.
https://faidepro.com/dataandit.php

❏ Another issue is a lack of cooperation between various investigating
agencies and a shaky extradition process.
❏ The most critical of all of these problems is the lack of clear
legislation in the country dealing with this crime, which means that
even though the perpetrator is apprehended, he can easily get away
by using some of our legal loopholes.
❏ Data and IT services provide better protection against data theft.
❏ We’ve compiled a list of ten data protection laws from around the
world that businesses should be aware of. The IT Security Standards
provide a complete guideline in this field.
Issues Faced :

1. General Data Protection Regulation (GDPR) (EU)
❏ The General Data Protection Regulation (GDPR) of the European Union
went into effect on May 25, 2018, and it has had a far-reaching ripple
effect, putting data protection into the public eye and onto legislative
agendas all over the world.
❏ GDPR is the most dramatic reform in the data privacy policy in the last
20 years, offering unparalleled levels of security and individual
empowerment.
❏ The European Union’s current data protection policy imposes new
requirements on businesses and organisations to ensure the privacy and
protection of personal data, grants data subjects’ certain privileges, and
empowers regulators to demand transparency demonstrations or even
levy fines in cases of non-compliance.
https://faidepro.medium.com/what-is-gdpr-3ff0034ff454

❏ The GDPR 's main principles include legal, equitable, and
straightforward processing, clear and explicit consent, mandatory
violation notification, the right to access, the right to be forgotten, and
privacy by design and default.
❏ The regulation has extraterritorial application, which means it extends to
all entities that collect and process personal data of EU citizens,
regardless of their location.
1. General Data Protection Regulation (GDPR) (EU)
https://faidepro.medium.com/what-is-gdpr-3ff0034ff454

2. The Personal Information Security and Electronic
Records Act (PIPEDA) (Canada)
❏ The Personal Information Security and Electronic Documents Act
(PIPEDA), Canada’s federal data protection statute, was passed in
2000. The Personal Information Protection and Electronic
Documents Act (PIPEDA) governs how companies obtain, use, and
report personal and confidential data in the private sector, among
other things.
❏ The legislation is divided into ten fundamental values that must be
followed by companies.

2. The Personal Information Security and Electronic
Records Act (PIPEDA) (Canada)
❏ The Government of Canada released the Data Privacy Act, an update
to PIPEDA, on November 1st, 2018, in order to harmonise Canadian
standards with those of the EU’s GDPR. This Act modifies PIPEDA
by adding additional regulations such as consent provisions, data
breach alerts, and a broader scope of implementation.
❏ The Government of Canada announced a 10-principle Digital Charter
and a Discussion Paper detailing plans to modernise PIPEDA on May
22, 2019.

3. The California Consumer Privacy Act (CCPA)
(California)
❏ The California Consumer Privacy Act (CCPA), which takes effect on
January 1, 2020, was enacted in response to the increasing
importance of personal data in modern business practices, as well as
the personal privacy consequences of data collection, usage, and
security.
❏ The Golden State’s new data privacy legislation, which was signed
into law on June 28, 2018, provides users access to and control over
personal information collected online, and it requires businesses doing
business in California to make structural improvements to their
privacy systems.

3. The California Consumer Privacy Act (CCPA)
(California)
❏ Given California’s status as the world’s fifth-largest economy, the CCPA
is expected to have a global effect, similar to the GDPR.
❏ An expanded definition of personal information, new data privacy
protections for California residents, a new statutory damages system, and
new rules when children’s personal data is used are all main components
of the CCPA.
❏ The right to know what data is being collected about them and how it is
being used, as well as the right to have their data erased, are among the
many parallels between California’s new privacy law and its European
equivalent, the GDPR.
❏ However, there are major differences between the two laws, especially in
terms of the extent of implementation and rules concerning acquiescence.

4. The Act on Personal Information Protection
(APPI) (Japan)
❏ The Act on Personal Information Protection in Japan (APPI) was
passed in 2003 and went into effect in 2005. It was substantially
revised ten years later, in 2015; the changes went into force on May
30, 2017, one year ahead of the EU’s GDPR.
❏ The APPI safeguards individuals’ personal data in Japan by
developing laws for governments and some business operators to obey
in order to secure an individual’s rights when it comes to collecting
and managing personal data. Whether or not cross-border data
transfers occur, entities operating in Japan must comply with APPI.

4. The Act on Personal Information Protection
(APPI) (Japan)
❏ In some ways, the APPI differs from the GDPR; the GDPR offers
more rights to data subjects and imposes tighter rules on
organisations that handle personal data than the APPI.
❏ Following the GDPR, Japan became the first country to receive an
adequacy decision from the European Commission (EC), ensuring a
seamless flow of data between the EU and Japan as well as
facilitating increased data transfers.

5. Lei Geral de Proteço de Dados (LGPD) (Brazil)
❏ Brazil adopted the General Data Protection Law (“Lei Geral de
Proteço de Dados” or “LGPD”) on August 14, 2018, which will take
effect on August 15, 2020. The new data protection system, which is
largely influenced by the GDPR, sets guidelines for the online and
offline collection of personal data in both the public and private
sectors, regardless of the position of the data processor.
❏ The law seeks to replace and complement current legal codes, with
one of the goals being to bring Brazil’s data care in line with
European standards.

5. Lei Geral de Proteço de Dados (LGPD) (Brazil)
❏ Data subjects’ rights (e.g., the right to request access to their data as
well as the right to be forgotten), the need for data protection
officers, data protection impact evaluations, and data breach alerts
are all key parallels between the LGPD and GDPR.
❏ However, the LGPD goes beyond and beyond European regulation in
many ways, such as legal bases and mandatory violation notices.

6. Personal Data Protection Act (PDPA) (Singapore)
❏ In Singapore, personal data is covered by the Personal Data
Protection Act (PDPA), which was passed in 2012 and went into
effect in 2014. The PDPA is a data security system that governs the
collection, use, disclosure, and storage of personal data for all private
sector organisations.
❏ It respects both individuals’ rights to personal data privacy and
organisations’ needs to obtain, use, and reveal personal data for
legitimate and fair purposes.
❏ The PDPA, like the GDPR, has extraterritorial application and
refers to anyone who does not have a physical presence in Singapore.

7. Personal Data Protection Act (PDPA) (Thailand)
❏ The Personal Data Protection Act (PDPA), Thailand’s first unified
law regulating data protection in the country, was published on May
27, 2019. By May 27, 2020, organisations gathering and processing
personal data must be consistent with the PDPA.
❏ Thailand’s government has generally taken principles from the
GDPR, with a few tweaks to suit the country’s needs. It did so on
purpose to prove that Thailand has an “adequate” standard of data
security in contrast to the EU.
❏ The PDPA contains a new concept of personal information, special
categories of confidential data, consent provisions for minors, data
subjects’ privileges, extraterritoriality, and limits on personal data
transfers to third countries, among other items.

7. Personal Data Protection Act (PDPA) (Thailand)
❏ The PDPA contains a new concept of personal information, special
categories of confidential data, consent provisions for minors, data
subjects’ privileges, extraterritoriality, and limits on personal data
transfers to third countries, among other items.
- To be continued in Pt.2

Website: https://faidepro.com
Blog: http://blogs.faidepro.com/
LinkedIn: https://in.linkedin.com/company/faidepro
Twitter: https://twitter.com/faidepro
Instagram: https://www.instagram.com/faidepro/
Facebook : https://www.facebook.com/Faidepro-103150408248729
Source: https://faidepro.medium.com/
FaidePro

Data theft rules and regulations things you should know (pt.1)

Recommended

Recommended

More Related Content

What's hot

What's hot (18)

Similar to Data theft rules and regulations things you should know (pt.1)

Similar to Data theft rules and regulations things you should know (pt.1) (20)

Recently uploaded

Recently uploaded (20)

Data theft rules and regulations things you should know (pt.1)