GDPR continues to shine a light for US legislation

Washington DC is to introduce a new data privacy bill, in a further reminder of the GDPR’s power as a policy influencer for governments the world over.

The Whitehouse is now set to put regulations in place that are heavily modelled on the GDPR which came into being on May 25th of last year. In a press release, local government in the US capital explained the new law’s intention to develop protection for residents’ personal and private data.

The rules will also galvanise requirements for data controllers’ handling of citizens within the District of Columbia.

DC’s residents have been among those affected by major data breaches that have taken place over recent times, with many hit by the world-record breaking Equifax exposure which compromised the private information of around 143 million people.

Attorney General Karl A. Racine said that 350,000 DC citizens were caught up in the Equifax trouble.

Racine said:

“Data breaches and identify theft continue to pose major threats to District residents and consumers nationwide.

“The District’s current data security law does not adequately protect residents. Today’s amendment will bolster the District’s ability to hold companies responsible when they collect and use vast amounts of consumer data and do not protect it,” he added.

I urge the Council to pass this legislation quickly for the benefit of District residents,” he continued.

As detailed by Security Boulevard, the Security Breach Protection Amendment Act of 2019 aims to:

  • Develop the definition of personal information subject to legal protection. New definitions would include passport numbers, military ID numbers, health, and even genetic information.
  • Galvanise compliance requirements for data handlers to provide heightened identity theft protection should social security numbers become exposed. Organisations would also have to notify customers of their rights when a breach occurs and their personal data is at risk.
  • Violation of the District’s Consumer Protection Procedures Act would have to be reported to the The Office of the Attorney General. The bill in full can be read here.

PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.

For more information on upcoming events, visit the website.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.