CTRL Center’s Reference Desk offers a region-by-region survey of data-protection laws. Unfortunately, just like everything else relating to cybersecurity, the landscape is constantly changing. Where can you go to make sure you know the very latest legal developments? Read on for some advice.
After many years of looking the other way, the U.S. government has finally mustered to the political will to “do something” about cybersecurity regulations. The only trouble is, the Feds never seem to do just one something
but instead start dozens of somethings
all at once. Indeed, cybersecurity regulations will likely arrive not just from the corners you’d expect—such as the Federal Trade Commission—but also ones you might not expect—such as the Food & Drug Administration and the Department of Transportation.
Here at the CTRL Center, we do our best to keep our offerings as fresh as possible. But there are organizations that specialize in these precise topics, and they can give you even fresher information than we can. If you need more updates—or if you want to go deeper than our thumbnail surveys—here are some of our favorite sources for keeping track of cybersecurity and privacy regulations.
NIST Computer Security Resource Center
The National Institute of Standards and Technology (NIST) is one of the best destinations for all things cybersecurity. At their Computer Security Resource Center
(CSRC) you can find updates about all manner of evolving rules and standards.
The International Association of Privacy Professionals (IAPP) offers a number of regularly updated resources that you can use to stay on top of legal developments. Refer to their Privacy Tracker
for global news and analysis. For information closer home, see their US State Privacy Regulation Tracker
. The page has useful maps, charts, and infographics to help you understand what regulations mean and how they apply to your business. Check back often!
Every year since 2012, DLA Piper has been issuing a new Data Protection Laws of the World Handbook. This must-see downloadable reference
offers up-to-date information and analysis of the state of privacy regulation in 100 different jurisdictions—if your country of interest isn’t covered in our analysis, we bet you’ll find what you need in DLA Piper’s offerings. Meanwhile, their map page
even allows you to compare laws across nations.
UNCTD Data Protection and Privacy Legislation
The United Nations Conference on Trade and Development (UNCTD) maintains a page on Data Protection and Privacy Legislation Worldwide
. You can get basic data listed by country or region. While you’re there, make your way over to their pages on e-transactions, cybercrime, and consumer protection.
The National Conference of State Legislatures maintains a Cybersecurity Legislation
page, offering granular details about data regulations by state, as well as analysis of broader trends.
The Electronic Privacy Information Center (EPIC) is a leading advocate for civil liberties online. Their “Issues” pages offer background on key topics as well as links to updates, press releases, and archival material about their legislative efforts. Their section on Privacy Laws
has information on both international and U.S. legislation, and you can also refer to their pages on Consumer Privacy
, and Data Protection
for backgrounders and updates on those subjects. You can also sign up for their monthly newsletter
Georgetown Law Library
The hardworking folks at Georgetown have put together a mind-bendingly thorough collection of resources on cybersecurity law and data privacy. Their International and Foreign Cyberspace Law Research Guide
covers a host of topics beyond data privacy, from internet governance and commerce to crime and terrorism. Of particular interest to us is the section on Data Privacy
, which includes links to information on both international and domestic U.S. concerns.