When the European Union’s General Data Protection Regulation (GDPR) became effective in May 2018, organizations around the world adapted their online privacy policies in compliance. Today, U.S. businesses are preparing for the upcoming California Consumer Privacy Act (CCPA)—the nation’s first comprehensive state privacy law—which will be active in January 2020. As a result, many U.S. businesses will need to juggle compliance with the GDPR, CCPA, and any applicable sector-specific privacy laws. Meanwhile, in this regulatory climate—post-GDPR, pre-CCPA—Congress continues to consider federal privacy legislation to establish baseline privacy protections for all U.S. individuals.
On December 13, the Center for Technology Innovation at Brookings hosted a public discussion on how the GDPR and CCPA affect U.S. businesses and individuals. How will corporations adapt to the changing regulatory environment, and what could the GDPR and CCPA mean for the outlook of federal privacy legislation?
After the session, panelists answered questions from the audience.