TODAY: 1 NEW BREACH·LAST 30 DAYS: 4·RECORDS THIS YEAR: 5.6M·MOST TARGETED: GOVERNMENT·TOP ORIGIN: France·LARGEST BREACH: MedCore Systems — S3 Bucket Exposure (4.2M)·GLOBAL THREAT LEVEL: NORMAL·TODAY: 1 NEW BREACH·LAST 30 DAYS: 4·RECORDS THIS YEAR: 5.6M·MOST TARGETED: GOVERNMENT·TOP ORIGIN: France·LARGEST BREACH: MedCore Systems — S3 Bucket Exposure (4.2M)·GLOBAL THREAT LEVEL: NORMAL

Global Regulations

A directory of worldwide data protection laws, enforcement authorities, and breach notification requirements.

🇫🇷

France

General Data Protection Regulation (GDPR) & Loi Informatique et Libertés

The GDPR is the primary law regulating how companies protect EU citizens' personal data.France adapts it locally through the amended French Data Protection Act(Loi Informatique et Libertés), enforced rigorously by the CNIL.

🇺🇸

United States

Sectoral Laws (HIPAA, GLBA) & State Laws (CCPA/CPRA)

The United States lacks a singular federal data privacy law. Instead, it relies on sectoral federal laws (HIPAA for health, GLBA for financials) and comprehensive state-level privacy laws, most notably the California Consumer Privacy Act (CCPA).

🇬🇧

United Kingdom

UK GDPR & Data Protection Act 2018

Following Brexit, the UK retained the EU GDPR in domestic law as the "UK GDPR," sitting alongside the Data Protection Act 2018. It outlines the standard for data protection for individuals residing in the UK.

🇩🇪

Germany

GDPR & Bundesdatenschutzgesetz (BDSG)

Germany implements the EU GDPR with local nuances via the Federal Data Protection Act (BDSG). Germany is known for having one of the strictest data privacy and consumer protection environments in the world.

🇦🇺

Australia

Privacy Act 1988 (Privacy Act)

The main privacy law in Australia is the Privacy Act 1988, which includes the 13 Australian Privacy Principles (APPs). Recent amendments significantly increased maximum penalties following massive national data breaches.

🇨🇦

Canada

Personal Information Protection and Electronic Documents Act (PIPEDA)

PIPEDA applies to private-sector organizations across Canada that collect, use or disclose personal information in the course of a commercial activity, relying on 10 fair information principles. (Soon to be replaced/upgraded by CPPA under Bill C-27).

🇧🇷

Brazil

Lei Geral de Proteção de Dados (LGPD)

The LGPD is Brazil's overarching data privacy law, heavily modeled after the EU GDPR.It establishes 10 legal bases for data processing and creates sweeping rights for data subjects in Brazil.

🇯🇵

Japan

Act on the Protection of Personal Information (APPI)

Japan's APPI is one of Asia's oldest privacy laws. Successive amendments have toughened the law, requiring faster breach notifications and imposing heavier penalties for the misappropriation of data databases.

🇮🇳

India

Digital Personal Data Protection Act (DPDP Act)

Passed in August 2023, the DPDP Act is India's first comprehensive horizontal privacy legislation.It centers on digital data processing, clear- cut consent models, and imposes heavy fines for failure to take reasonable security safeguards.

🇨🇳

China

Personal Information Protection Law (PIPL)

The PIPL works alongside the Cybersecurity Law (CSL) and Data Security Law (DSL) to form China's robust data governance regime.It enforces strict national security reviews, localized data hosting, and significant cross - border transfer hurdles.

🇸🇬

Singapore

Personal Data Protection Act (PDPA)

The PDPA establishes a data protection framework that governs the collection, use, disclosure and care of personal data in Singapore.

🇿🇦

South Africa

Protection of Personal Information Act (POPIA)

POPIA promotes the protection of personal information processed by public and private bodies in South Africa.