Nowadays, in the different geographic areas that make up the world, simplifying Europe, the United States and China to the extreme, all the new regulations – Cloud Act on the US side, GDPR on the European side and the latest law on personal data in China (Personal Data Protection Act) — is subject to extraterritorial control. This means that they obviously apply to an area that could be the United States, the EU or China, but also to all companies that have activities in that zone. There may be some friction here.
Taking the example of a US company, it must be subject to US trade law and the Cloud Act. But if it is active in Europe, it must also comply with the GDPR. So these rules conflict with each other. With this extraterritorial character, everyone tries to impose their values on the data a bit on others. In a way, the EU was the first with the GDPR in 2018, but we can see the other areas reacting, not to copy the GDPR, but to impose their view on personal data, which may be different. † It is quite a political and legal position of the various schemes.
The second point concerns the awareness of the general public about all these themes. I think the subject of personal data was little known to the general public in 2015. But in 2018 with the GDPR, people, at least in businesses, heard about it. It may have been limited to a professional environment, but there was already a first culture, cookie banners started to appear… Little by little there was a general awareness, but also all the scandals related to possible data breaches and misuse of data to focus on targeting certain people and influencing local and national elections. This is all part of an awareness that has gradually increased since 2015 with regulation, bad buzz and all the scandals.
The third point is what I call the marketing of: privacy, with which Apple has made its brand image. From time to time, the California giant airs commercials in which he doesn’t even talk about his products, only privacy† In these places, Apple claims to guarantee the safety of your smartphone. The company does not sell an application, nor a new iPhone, but the fact that we are the trusted third party for personal data and exchanges that we may have with others.
In addition, the protest has been organised. Non-governmental associations and privacy activists, such as NOYB (None Of Your Business), have taken up the subject. Max Schrems, the founder of NOYB, has also become the nightmare of Google and Facebook. As soon as there is a wolf, this lawyer, well aware of the possible flaws in the texts, systematically attacks to claim that one text is no better than another and that a text is different from the new version.