GDPR, General Data Protection Regulation is a legal set of rules that set a guideline for the collection and processing of personal information from those who reside in the European Union (EU). This regulation applies to all businesses or online websites, no matter their origin.

GDPR calls for companies to implement reasonable data protection measures to safeguard consumers’ data and privacy against data breaches.

The move to implement GDPR by the European Union has seen the US government move toward working on a consumer privacy protection policy, and this has brought about an overflow of data protection bills in the house of congress. Leading technology companies like Apple and Google, based in the U.S are also campaigning for new federal privacy regulations. The implementation of GDPR is setting a global standard, and for businesses to continue running efficiently as before, companies from the U.S will need to adjust and adhere to the General Data Protection Regulation, and maybe even follow suit. Following suit would mean a change in the handling of data security and protection in the United States of America.

The State of California has followed suit and imitated what the European Union has done. Referring to the California Consumer Privacy Act of 2018, the state gave its citizens the right to know what kind of data business organizations hold concerning them, where they got it from, and what the use for it is. Starting in 2020, the citizens from the state of California will have the right to opt-out of the sale of their data to third parties as well as demand deletion of their data from organizational databases. Many technological firms are facing the prospect of incongruent data privacy rules across different states, leading to the call for a comprehensive federal law on data security and privacy.