Information privacy law

Information privacy law or data protection laws prohibit the disclosure or misuse of information about private individuals. Over 80 countries and independent territories, including nearly every country in Europe and many in Latin America and the Caribbean, Asia, and Africa, have now adopted comprehensive data protection laws. The European Union has the General Data Protection Regulation, in force since May 25, 2018. The United States is notable for not having adopted a comprehensive information privacy law, but rather having adopted limited sectoral laws in some areas. Information privacy law or data protection laws prohibit the disclosure or misuse of information about private individuals. Over 80 countries and independent territories, including nearly every country in Europe and many in Latin America and the Caribbean, Asia, and Africa, have now adopted comprehensive data protection laws. The European Union has the General Data Protection Regulation, in force since May 25, 2018. The United States is notable for not having adopted a comprehensive information privacy law, but rather having adopted limited sectoral laws in some areas. These laws are based on Fair Information Practice that was first developed in the United States in the 1970s by the Department for Health, Education and Welfare (HEW). The basic principles of data protection are: The Data Act is the world's first national data protection law and was enacted in Sweden on 11 May 1973. In the Philippines, The Data Privacy Act of 2012 mandated the creation of the National Privacy Commission that would monitor and maintain policies that involve information privacy and personal data protection in the country. Modeled after the EU Data Protection Directive and the Asia-Pacific Economic Cooperation (APEC) Privacy Framework, the independent body would ensure compliance of the country with international standards set for data protection. The law requires government and private organizations composed of at least 250 employees or those which have access to the personal and identifiable information of at least 1000 people to appoint a Data Protection Officer that would assist in regulating the management of personal information in such entities.