As part of our visit to Washington DC this week, we stopped by the U.S. Department of Commerce this morning. While there, we joined 30 other tech leaders for a presentation on all things privacy and security as they relate to the department. We received updates on many importnat topics and pieces of legislation, and some highlights from the presentation are below.
General Data Protection Regulation (GDPR)
The General Data Protection Regulation, better known as GDPR, is a piece of legislation enacted in the EU designed to offer EU citizens better control over their personal data. It aims to improve privacy protections for citizens, as well as offer benefits to businesses. The GDPR includes many provisions including: offering more information on how citizens’ personal data is “processed;” including data protections “by default” and “by design” in products and services; and requirements for clarification and consent for data use, transfer and protection. Learn more about the GDPR!
Privacy Shield is a joint collaboration between the Department of Commerce and the EU, which officially took effect in August 2016. It has several parts, and companies that sign on commit to how they handle their data. There is also commitment by the government in regards to oversight of the data, and the law provides a redress mechanism for EU citizens if they have issues with how USA government has accessed or used their data. Other items related to Privacy Shield include a Swiss version of the law, implications of Britain leaving the EU (Brexit) and the importance of the agreement and defending it going forward. Learn more on privacyshield.org and in our blog post.
USTR – United States Trade Representative & China
We saw a presentation by the USTR, an agency focused on negotiating new trade agreements. These agreements can intersect with the Internet and privacy issues we care about like SOPA/PIPPA (as they end up in trade agreements), localization issues regarding data storage and DNS, and rules governing how companies run servers in and outside of other countries. This presentation touched on cybersecurity in China, and the implications China’s new laws may have for United States companies. Learn more about China’s recent cybersecurity laws.
We received an update on ICANN, which will go dark in May 2018 due to the GDPR (referenced above) and concerns surrounding the storage of Whois information. Learn more about ICANN.
More Updates Coming
We’ll be sharing more from our meetings and our trip to Washington DC this week – stay tuned for additional updates on our blog and social channels! #FreetheNet #GFTakesDC