DATA PROTECTION POLICY ANALYSIS

In dozens of nations, policymakers are considering and enacting data privacy and data protection laws. Data moves globally and instantly, yet it is complex and difficult to establish a national, let alone a global, framework for data governance.  Data Catalyst is working to support stakeholders and policymakers as they undertake this important effort: to build a data governance framework that works locally and globally – for consumers and data-focused enterprises.

To celebrate the success of good policy and identify challenges of many proposals, Data Catalyst Report Cards are scoring proposals and laws on a 10-factor 100-point scale. The Report Cards highlight important and core tenets of data governance policy; including issues and options that we believe regulators must consider.

Proposals can and often will evolve  —  before and after enactment. To reflect those changes, Data Catalyst will monitor amendments, court cases, and other changes to proposals and adjust our analysis and scores. Much of the General Data Protection Regulation (GDPR) for example, is yet to be determined, and while it is largely the standard against which many other ambitious frameworks will be measured there are substantial unanswered questions. Our objective is not to criticize or condemn, but rather to support better, broader understanding among policymakers, the media, and stakeholders in general.

Please note that Data Catalyst Report Cards are produced as independent research to start policy conversations and do not necessarily reflect the views of our sponsors and our advisory board.

India Draft National e-Commerce Policy (2019)

India
35/100
SPECIFIC HARMS HELPFUL PROCESSES NOT RETROACTIVE NOT HARMFUL FREE SPEECH SIMPLE CONSENTS INTERNATIONAL COMMERCE FAIR ENFORCEMENT Small Enterprises 5/10 2/10 5/10 5/10 2/10 3/10 3/10 2/10 5/10 3/10 CLEAR TERMS EXPLICIT CONSENT 7/10

Washington Privacy Act, S. 5376 (2019)

United States
92/100
SPECIFIC HARMS HELPFUL PROCESSES NOT RETROACTIVE NOT HARMFUL FREE SPEECH SIMPLE CONSENTS INTERNATIONAL COMMERCE FAIR ENFORCEMENT SMALL ENTERPRISES 9/10 9/10 8/10 9/10 10/10 10/10 9/10 9/10 10/10 9/10 CLEAR TERMS EXPLICIT CONSENT 7/10

American Data Dissemination Act of 2019

United States
57/100
SPECIFIC HARMS HELPFUL PROCESSES NOT RETROACTIVE NOT HARMFUL FREE SPEECH SIMPLE CONSENTS INTERNATIONAL COMMERCE FAIR ENFORCEMENT SMALL ENTERPRISES 7/10 5/10 5/10 5/10 6/10 5/10 3/10 7/10 7/10 7/10 CLEAR TERMS EXPLICIT CONSENT 7/10

General Data Protection Regulation (GDPR)

81/100
SPECIFIC HARMS HELPFUL PROCESSES NOT RETROACTIVE NOT HARMFUL FREE SPEECH SIMPLE CONSENTS INTERNATIONAL COMMERCE FAIR ENFORCEMENT SMALL ENTERPRISES 8/10 8/10 8/10 9/10 8/10 8/10 8/10 8/10 8/10 8/10 CLEAR TERMS EXPLICIT CONSENT 7/10

Draft Personal Data Protection Bill

India
49/100
SPECIFIC HARMS HELPFUL PROCESSES NOT RETROACTIVE NOT HARMFUL FREE SPEECH SIMPLE CONSENTS INTERNATIONAL COMMERCE FAIR ENFORCEMENT SMALL ENTERPRISES 6/10 6/10 6/10 7/10 6/10 4/10 7/10 3/10 2/10 2/10 CLEAR TERMS EXPLICIT CONSENT 7/10

California Consumer Privacy Act of 2018, Cal. A.B. 375

41/100
SPECIFIC HARMS HELPFUL PROCESSES NOT RETROACTIVE NOT HARMFUL FREE SPEECH SIMPLE CONSENTS INTERNATIONAL COMMERCE FAIR ENFORCEMENT SMALL ENTERPRISES 4/10 2/10 4/10 6/10 1/10 1/10 6/10 6/10 7/10 4/10 CLEAR TERMS EXPLICIT CONSENT 7/10

APPS Act (H.R. 6547)

57/100
SPECIFIC HARMS HELPFUL PROCESSES NOT RETROACTIVE NOT HARMFUL FREE SPEECH SIMPLE CONSENTS INTERNATIONAL COMMERCE FAIR ENFORCEMENT SMALL ENTERPRISES 4/10 2/10 6/10 10/10 7/10 10/10 4/10 1/10 6/10 7/10 CLEAR TERMS EXPLICIT CONSENT 7/10

Legislation to Protect Personal Data and Create a Personal Data Protection Agency

Chile
76/100
SPECIFIC HARMS HELPFUL PROCESSES NOT RETROACTIVE NOT HARMFUL FREE SPEECH SIMPLE CONSENTS INTERNATIONAL COMMERCE FAIR ENFORCEMENT SMALL ENTERPRISES 7/10 6/10 9/10 7/10 9/10 9/10 7/10 8/10 7/10 7/10 CLEAR TERMS EXPLICIT CONSENT 7/10
Page 1 of 1
Localize