It’s been over four years since the European Union (EU) implemented its groundbreaking General Data Protection Regulation (GDPR). The GDPR has become the model for personal data privacy laws in many other countries, and for the California Consumer Privacy Act (CCPA), which took effect in 2020. New data privacy laws are set to take effect in four more U.S. states in 2023, and six states are actively working on bills.
But in four years' time, there’s been little progress at the federal level. The discussion draft of the American Data Privacy and Protection act, released on June 6, 2022, has several unresolved issues that will likely stand in the way of bipartisan support. This lack of federal privacy regulation is costing U.S. businesses money, in ways they don’t even realize.