Three years have passed since the European Union’s General Data Protection Regulation (GDPR) entered into effect, but according to a recent Bloomberg Law survey, compliance challenges persist, principally due to the so-called GDPR ripple effect.
While compliance efforts are never—or at least, should not be―treated as a “check-the-box” exercise, the GDPR has triggered a proliferation of privacy laws worldwide, rendering the applicability of a given jurisdiction’s regime and an assessment of its divergence from the GDPR as the very first “box” for organizations to address. Recall that the California Consumer Privacy Act (CCPA) was enacted just ...