Europe has been at the forefront in ensuring that the region has an airtight data protection framework. The continent implemented the General Data Protection Regulation (GDPR) more than one year ago. The regulations, which were widely publicized, introduced stringent rules on how tech organizations can process, exchange, use, or store data belonging to people in the European Union.
The development pushed global tech companies operating in the region make several changes to their data protection policies. It has also been reported that Microsoft is pushing for the same regulation in the United States after it published usage statistics of its privacy policies to illustrate the level of interest in ensuring personal data is guarded against misuse in the United States. The main goal of Microsoft’s interest in the matter is to persuade the U.S. Congress to adopt a GDPR-esque framework to preserve the right to privacy.
According to Julie Brill, the Corporate Vice President and Deputy General Counsel at Microsoft, there isn’t much corporations such as MS can do to secure sensitive data and empower people to manage their own data, and hence preserving their right to privacy if governments do not install laws that safeguard privacy.
“Now, it’s Congress’s turn to adopt a new framework that reflects the changing understanding of the right to privacy in the United States and around the world. Like GDPR, this framework should uphold the fundamental right to privacy through rules that give people control over their data and require greater accountability and transparency in how companies use the personal information they collect,” says Julie Brill on a Microsoft blog post.
According to the Redmond-based organization, its privacy dashboard has since been used by 18 million people across the globe since GDPR went live on May 25, 2018. More than one-third of the users were based in the U.S.
It is worth noting that the GDPR law tasks data processors and controllers with the responsibility of protecting private data and information from misuse, hence any breaches and non-compliance are levied on them, with up to €20 million in fines. What’s more, GDRP grants EU citizens some rights such as the right to get access to or parental consent for processing children’s data.
“Now it is time for Congress to take inspiration from the rest of the world and enact federal legislation that extends the privacy protections in GDPR to citizens in the United States,” concludes Julie Brill in the post.