Everything you need to know about the American Data Act

You’re being watched.

Well, not literally. But every person, every second of every day, is subject to organisations gathering data on us. And, while we’re all well-versed in the importance of data security, too few of us know exactly what’s happening with this information.

That’s why the American Data Privacy Protection Act (ADPPA – catchy, we know) is such a historic development. For the first time, it looks as if the way data is collected in the US could be regulated at a federal level, having so far simply been left in the hands of individual states.

So, why should you care about what’s happening on the other side of the world? Well, despite what the name might suggest, it’s actually EU citizens who are most likely to be affected by the upcoming change. So, if you’re operating a European company, it’s time to get clued up.

What is the American Data Privacy Protection Act?

To put it in layman’s terms, the ADPPA will be the first act to deal with the data privacy of EU subjects at a federal level in the US (if it’s passed into law).

In the UK and EU, GDPR dictates what organisations are and aren’t allowed to do with an individual’s data – ultimately giving us more rights and control over our information. But, since the landmark Schrems II case in 2020, there’s been no legislation to govern how data from EU subjects should be dealt with if transferred to the US.

This might not sound too serious, but if you’re an EU-based company sending data from your European clients to US customers, you could be in breach of GDPR. For example, let’s take a look at everyone’s favourite workplace communication tool, Zoom. As a US company, when you record a Zoom meeting, it’s likely to be stored in an American data centre. Historically, you wouldn’t have been able to ask Zoom to delete this information – but the ADPPA remedies that.

How will it affect business owners in the EU and UK?

The good news is… it’s all good news. The ADPPA will provide an extra layer of privacy and protection to your clients’ and customers’ data, ensuring you stay compliant when trading with the US.

If passed into law, data protection will be much easier to enforce. Previously, data privacy has come under the discretion of individual states and regional jurisdictions. A state like California has very strict data laws and this hasn’t been a problem. But for neighbouring Arizona, where no comprehensive bills exist, enforcing uniform data treatment is near-impossible. Overall, EU business owners should welcome the Act as a positive change.

And those of us in the UK are likely to be affected by very similar post-Brexit legislation in the coming years – so it’s best to be prepared for a changing data privacy landscape.

What should you do now?

Here are a few comprehensive steps to help get ready for the ADPPA…

Get educated

Congratulations! You’ve already made a great start. With the world of technology changing so rapidly, it’s important to ensure you’ve got a good understanding of how current laws and regulations affect you and your company. Read up on industry news and stay in the loop.

Train your staff

It’s more crucial than ever that staff receive detailed GDPR training to remain compliant and avoid significant blunders. Take this time to upskill your team ahead of the ADPPA.

Reach out to an expert

If you still can’t make heads or tails of data privacy, get in touch with a team of experts to take the load off.

Ready yourself for the ADPPA

Fasthosts ProActive can help support you and your organisation to get ready for the American Data Privacy Protection Act. Speak to an expert to find out more.

Download and share

If you want to read this blog post offline, save it for later or share with a colleague, click the button below to download a PDF version.