GDPR: Governance Implications for Regimes outside the EU

Around 120 nations protect personal data with at least another 30 in train. Many regimes reflect the OECD Privacy Guidelines. However, these guidelines, and their regimes, may no longer be effective. The EU’s 2016 General Data Protection Regulation (GDPR) is a game changer. That new regulation elsewhere reflects the GDPR suggests much about the impact of globalisation. Inevitably, this impacts organisations in international commerce/business relationships. Three questions are explored with reference to two non-EU regimes: how is the GDPR likely to affect governance of organisations? What gaps are there in existing privacy regimes? And what are the governance and risk management implications?