Nearly every company in the world is struggling to effectively manage the broad range of legal and operational risks associated with data. Data is everywhere, and everyone is working to avoid wrongful disclosures, theft of informational assets, and the losses related to the costly legal fallout. This is the result, in large part, of the heightened regulatory scrutiny and marketplace expectations facing multinationals linked electronically across country borders, and increasingly dependent on service providers for their core business functions. Against this backdrop, Baker & McKenzie is pleased to present the results of its Global Data Protection Enforcement Report. We set out to give legal and compliance risk managers an understanding of the data enforcement laws in place around the world in the hopes of better equipping them to make informed decisions about how to manage risks associated with data. To this end, we surveyed local counsel in 37 jurisdictions throughout the Americas, EMEA, and APAC, and asked them to describe the legal risks associated with violations of data protection laws, and summarize enforcement activities among local data protection authorities. The findings of this Report further demonstrate how important it is to enhance compliance controls in large, multinational corporations with the goal of reducing the risk of an enforcement action on foreign soil. These internal compliance controls include conducting Privacy Impact Assessments, preparing data flow maps as part of any new project involving cross-border data transfers, and creating a culture of awareness surrounding privacy and the wide spectrum of potentially applicable laws. We hope you find it useful within your organizations.
