Anybody with a subscription to a European based service provider or business will have recently seen emails along the lines of “Privacy checkup” or “Update to our terms and privacy policy”. This relates to a policy that sees the European Union implement new and rigid privacy regulations.
With the deadline for the European Union’s GDPR (General Data Protection Regulation) falling on May 25 there has been a flurry of activity as businesses race to ensure they are compliant. The GDPR is a good example of how international politics have tentacles that are long and largely unseen to business.
The EU describes the purpose of the GDPR as a tool to “… harmonize data privacy laws across Europe”. Data flows between businesses move across sovereign boundaries. They travel globally going far beyond the EU. They are analogous to many everyday business operations such as the functioning of a global supply chain and international financial transactions.
The politics of the GDPR were settled when it was drawn up in 2016. There has been ample time to get ready. How many business leaders, particularly those outside the EU, took any notice of this at the time? Probably not many given the noise presently reverberating in the corporate capitals of the world.
Recent events in the United States have given adoption of the GDPR much more urgency. The Facebook/Cambridge Analytica scandal and the 2016 American election has shone a very bright spotlight on how personal data is used and abused.
Many businesses across the world, including the giants (Google, Facebook, Microsoft et.al) have acknowledged they will be adopting the EU’s GDPR measures.
This is not solely an issue for businesses in Europe. Globally, any businesses that have an exposure to, or presence in, the EU – collecting personal information, processing data relating to goods and services to individuals – must be aware of the GDPR requirements and the penalties for non-conformance.
Data privacy is now a very hot political issue. It will continue to be on the political radar given the mid-term elections due in the United States in November. From an international relations perspective this all adds fuel to the already heated debate over interference by foreign actors in the democratic processes of sovereign states. Australia is not immune and the issue of data privacy will surely come up when the next federal election is called.