Personal Data and the GDPR: Providing a Competitive Advantage for U.S. Companies

IF 1.3 3区社会学 Q3 BUSINESS American Business Law Journal Pub Date : 2019-05-20 DOI:10.1111/ablj.12139

W. Gregory Voss, Kimberly A. Houser

{"title":"Personal Data and the GDPR: Providing a Competitive Advantage for U.S. Companies","authors":"W. Gregory Voss, Kimberly A. Houser","doi":"10.1111/ablj.12139","DOIUrl":null,"url":null,"abstract":"<p>The European Union's General Data Protection Regulation (GDPR) became applicable in May 2018. Due to the GDPR's extraterritorial scope, which could result in massive fines for U.S. companies, comparative data privacy law is of great current interest. In June 2018, California passed its own Consumer Privacy Act, echoing some of the provisions of the GDPR. Despite the many articles comparing the two schemes of law, little attention has been given to the foundation of these laws, that is, what exactly encompasses the data referred to by these laws? By understanding how the term “personal data” or “personal information” is defined in both jurisdictions, and why these definitions and the treatment of protected data are so different, companies can strategize to take advantage of these developments in the European Union. After explaining the differences in how data is treated in the United States and the European Union by exploring the definitions, regulations, and court cases, we will explore the five legal strategy pathways that companies might pursue with respect to the legal aspects of data transfer and privacy law compliance. While these strategies range from ignoring the law to adopting the European model worldwide, this analysis of legal strategy reveals a means for companies to gain a competitive advantage through their adoption of a worldwide compliance scheme.</p>","PeriodicalId":54186,"journal":{"name":"American Business Law Journal","volume":"56 2","pages":"287-344"},"PeriodicalIF":1.3000,"publicationDate":"2019-05-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1111/ablj.12139","citationCount":"20","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"American Business Law Journal","FirstCategoryId":"90","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1111/ablj.12139","RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"BUSINESS","Score":null,"Total":0}

引用次数: 20

Abstract

The European Union's General Data Protection Regulation (GDPR) became applicable in May 2018. Due to the GDPR's extraterritorial scope, which could result in massive fines for U.S. companies, comparative data privacy law is of great current interest. In June 2018, California passed its own Consumer Privacy Act, echoing some of the provisions of the GDPR. Despite the many articles comparing the two schemes of law, little attention has been given to the foundation of these laws, that is, what exactly encompasses the data referred to by these laws? By understanding how the term “personal data” or “personal information” is defined in both jurisdictions, and why these definitions and the treatment of protected data are so different, companies can strategize to take advantage of these developments in the European Union. After explaining the differences in how data is treated in the United States and the European Union by exploring the definitions, regulations, and court cases, we will explore the five legal strategy pathways that companies might pursue with respect to the legal aspects of data transfer and privacy law compliance. While these strategies range from ignoring the law to adopting the European model worldwide, this analysis of legal strategy reveals a means for companies to gain a competitive advantage through their adoption of a worldwide compliance scheme.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

个人数据和GDPR:为美国公司提供竞争优势

欧盟的《通用数据保护条例》(GDPR)于2018年5月开始适用。由于GDPR的域外范围可能导致美国公司面临巨额罚款，因此比较数据隐私法目前备受关注。2018年6月，加州通过了自己的《消费者隐私法》(CaCPA)，与GDPR的一些条款相呼应。尽管有许多文章比较了这两种法律方案，但很少有人关注这些法律的基础，即，究竟是什么包含了这些法律所涉及的数据?通过了解术语“个人数据”或“个人信息”在两个司法管辖区是如何定义的，以及为什么这些定义和受保护数据的处理如此不同，公司可以制定战略来利用欧盟的这些发展。通过探讨定义、法规和法庭案例，解释了美国和欧盟处理数据的方式的差异之后，我们将探讨公司在数据传输和隐私法合规的法律方面可能追求的五种法律战略途径。虽然这些策略的范围从无视法律到在全球范围内采用欧洲模式，但对法律策略的分析揭示了公司通过采用全球合规计划获得竞争优势的一种手段。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

American Business Law Journal Multiple-

CiteScore

1.10

自引率

16.70%

发文量

期刊介绍： The ABLJ is a faculty-edited, double blind peer reviewed journal, continuously published since 1963. Our mission is to publish only top quality law review articles that make a scholarly contribution to all areas of law that impact business theory and practice. We search for those articles that articulate a novel research question and make a meaningful contribution directly relevant to scholars and practitioners of business law. The blind peer review process means legal scholars well-versed in the relevant specialty area have determined selected articles are original, thorough, important, and timely. Faculty editors assure the authors’ contribution to scholarship is evident. We aim to elevate legal scholarship and inform responsible business decisions.

期刊最新文献

Issue Information Protecting the protectors: Whistleblowing and retaliation in the compliance arena The venture corporation Joke or counterfeit? Balancing trademark parody and consumer safety in the edibles market Issue Information