With the GDPR in full effect, expect to start seeing an impact in the US sooner vs. later. All it will take is the next major data breach for the American public to start demanding ownership of their personal data.

US businesses that have customers or clients in Europe are scrambling to comply as GDPR is now in effect. There are some concerns that the US private sector will have to look out for the policy here at home.

With every major data breach, people become more outraged which will likely prompt policy action. The EU GDPR marks a turning point in the policymaking arena due to one fundamental premise. Under the GDPR individuals have the right to privacy and to control what happens to their data. This means all personally identifying information (PII) that a company uses is now under the control of the individual and companies must comply with all requests and permissions regarding an individual’s PII.

This paradigm of data ownership established by the EU is of course clashing with the ambiguous ideas of data ownership that US businesses are used to operating under. The GDPR paradigm is also redefining expectations for American citizens. Almost every company that has an international presence has had to send out new privacy notices to users/customers to reflect their compliance with the GDPR. This likely would have gone unnoticed by the American public if the privacy notices didn’t flood their inboxes all at once. Continue reading with CSO Online.