Privacy Laws Around the World

Europe

EU law

1. The General Data Protection Regulation (in all EU official languages) – will enter into force on 25 May 2018.

2. The Data Protection Directive for the law enforcement area (in all EU languages)

3. Directive 95/46 for the protection of persons with regard to personal data

4. Council framework decision 2008/977 for data protection in the law enforcement area

5. ePrivacy Directive 2002/58

6. Regulation 45/2001 for the protection of personal data by EU institutions and bodies

7. EU-US Privacy Shield – adequacy decision and Annexes in all EU official languages

National law

1. UK – Data Protection Act (EN)

2. Spain – Ley Organica 15/1999 (ES)

3. Germany – Bundesdatenschutzgesetz (DE)

4. France – Loi n° 78-17 du 6 janvier 1978 relative à l’informatique, aux fichiers et aux libertés (FR)

 

1o. Greece – Law 2742/1997 and Law 3471/2006 (in EN)

United States

Federal laws

  1. Driver’s Privacy Protection Act of 1994 – 18 U.S. Code 2721 and following
  2. Family Educational Rights and Privacy Act of 1974 (FERPA) – 20 U.S. Code section 1232g
  3. Fair Credit Reporting Act (FCRA) – 15 U.S. Code sections 1681-1681u
  4. Fair Debt Collection Practices Act – 15 U.S. Code sections 1692-1692p
  5. Federal Privacy Act of 1974 – 5 U.S. Code section 552a
  6. Financial Services Modernization Act of 1999, Gramm-Leach-Bliley (GLB), Privacy Rule – 15 U.S. Code sections 6801-6809
  7. Video Privacy Protection Act of 1988 – 18 U.S.Code section 2710
  8. HIPAA Privacy Rule (Health Insurance Portability and Accountability Act)
  9. ECPA (Electronic Communications Privacy Act 1986); U.S. Code sections 2510-2522, 2701-2711, 3121,1367

State laws

  1. California – Several laws
  2. Michigan – Internet Privacy Protection Act

Canada

Federal laws

  1. Privacy Act (R.S.C., 1985, c. P-21) (personal data processing by federal government and agencies)
  2. Personal Information Protection and Electronic Documents Act (PIPEDA- federal private-sector privacy law)

Province laws

  1. Alberta: Personal Information Protection Act
  2. British Columbia: Personal Information Protection Act
  3. Québec: An Act Respecting the Protection of Personal Information in the Private Sector
  4. Ontario – Personal Health Information Protection Act
  5. New Brunswick – Personal Health Information Privacy and Access Act
  6. Newfoundland and Labrador’s – Personal Health Information Act

South America

  1. Argentina – Ley 25.326. Proteccion de los Datos Personales
  2. Peru – Ley de Proteccion de Datos Personales Ley No 29733

Asia

  1. Japan – Amended Act of the Protection of Personal Data (EN – unofficial translation)

Australia

  1. Commonwealth Privacy Act 1988 including:
  2. Privacy Amendment (Private Sector) Act 2000 and the
  3. National Privacy Principles (NPPs) & associated Guidelines

Africa

  1. Morocco – Loi n° 09-08 relative à la protection des personnes physiques à l’égard du traitement des données à caractère personnel

 

Last Update – August 2017

This is by no means a complete list. Please, send me an e-mail (gabriela.zanfir@protonmail.com) or leave a comment here with a link to a privacy law that would help complete the list.

I would like to thank Irene Kamara and Rosario Ines Murga Ruiz for their additions to this list.

8 responses to “Privacy Laws Around the World

  2. Search Encrypt | July 17, 2019 at 1:10 pm | Reply

    People need to consider that even if their own country has super strong privacy laws, the 5-eyes, 9-eyes and 14-eyes alliances created after WWII have allowed governments to spy on their citizens using information gathered from other countries.

    Like

  3. Harald O. Bakke | September 7, 2019 at 5:27 am | Reply

    Norwegian law incorporating GDPR: https://lovdata.no/dokument/NL/lov/2018-06-15-38 (Personopplysningsloven)

    I also added your site to the Awesome GDPR resources: https://github.com/bakke92/awesome-gdpr#awesome-gdpr

    Like

  4. Bakke | September 7, 2019 at 5:34 am | Reply

    Norway: https://lovdata.no/dokument/NL/lov/2018-06-15-38 (incorporating GDPR in national law and giving some additional legislation).

    I have added your site to my “Awesome GDPR” resources here: https://github.com/bakke92/awesome-gdpr#awesome-gdpr-

    Like

  5. Aornthanatt | July 14, 2020 at 9:06 am | Reply

    Thailand also has a Personal Data Protection Act (PDPA) announced on 25 May 2019. see further https://www.etda.or.th/app/webroot/content_files/13/files/The%20Personal%20Data%20Protection%20Act.pdf

    Like

  6. Pingback: Securing internet-connected devices in healthcare – Tubesock, Inc.

  7. Pingback: Securing internet-connected devices in healthcare – Tubesock, Inc.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.