While the United States continues to struggle to pass any type of overarching and complete data privacy regulation or legislation, U.S. companies have often had to rely on, or conform to, foreign regulations regarding data security.  The most famous example of this comes from the European Union’s passage of the General Data Protection Regulation (“GDPR”).

Europe’s GDPR Effect on U.S. Companies

Most privacy experts, domestic and abroad, have lauded the European Union’s creation of the GDPR because it provides strict privacy protection and promises hefty fines for technology companies that fail to safeguard consumer data.  Technology giants like Facebook have already faced heavy scrutiny under the GDPR with its recent breach potentially costing it billions in fines.

Australian Privacy Bill and Backdoor Access

Australia’s recent foray into data security legislation, however, has raised concern among privacy experts because it effectively requires technology companies to incorporate backdoor access into their products and applications in order to allow government agencies and services to quickly access and search through consumer data.  In its current form, the bill does not require companies who include the requisite backdoor access to notify consumers of the existence of such government accessibility.  In fact, some experts note that, in its current form, the bill could actually effectively prohibit companies from informing consumers that law enforcement agencies will have such backdoor access.

Hacking Concerns

While the Australian government and lobbyists argue that granting such backdoor access will allow law enforcement to better combat global threats such as terrorism, human trafficking, or sophisticated foreign hacking, many privacy experts still argue that the inclusion of such backdoor access will actually weaken current encryption methods and practices, ultimately ending up in giving hackers easier access to sensitive consumer data by requiring companies to include preconstructed backdoor access that hackers can easily exploit.

As Governments Differ on Privacy Policies, Should the U.S. Intervene With Federal Regulation?

U.S. experts also worry that the passage of similar bills in the United States may be exploited to monitor marginalized groups instead of merely providing law enforcement with quick data access.  Despite such concerns, however, some U.S. privacy experts agree that the United States’ lack of data regulation is troubling, and the absence of federal guidance continues to allow foreign governments to set the tone when it comes to data regulation. And, it is clear that foreign governments may differ significantly on how they want to protect consumer data.

For more information on this topic, visit our Data Privacy service page, which is part of our Technology & Data Practice.

About the Firm:

Klemchuk LLP is a litigation, intellectual property (IP), and business law firm, located in Dallas, TX.  The firm offers comprehensive legal services including litigation and enforcement of all forms of IP as well as registration and licensing of patents, trademarks, trade dress, and copyrights.  The firm also provides a wide range of technology, Internet, e-commerce, and business services including business planning, formation, and financing, mergers and acquisitions, business litigation, data privacy, and domain name dispute resolution.  Additional information about the Technology & Data law firm and its Technology & Data attorneys may be found at www.klemchuk.com.

Klemchuk LLP hosts Culture Counts, a blog devoted to the discussion of law firm culture and corporate core values with frequent topics about positive work environment, conscious capitalism, entrepreneurial management, positive workplace culture, workplace productivity, and corporate core values.