Privacy regulations are being developed and altered globally. An American company working transnationally will want to make sure to comply with the privacy regulations of each country in which the company either conducts business or otherwise utilizes that country’s citizens’ data. Currently, the GDPR has the strictest standards regarding data processing agreements between a primary organization and another data processor. While the CCPA/CPRA and the PDPA require DPAs, a company in compliance with the GDPR will likely comply with the CCPA/CPRA and the PDPA. Case law is evolving to address the extent of the reach of the extraterritorial legislation. However, if a company is engaged in extensive data collection, then the company should ensure compliance with all relevant privacy regulations.

As new legislative responses emerge worldwide, it is crucial for companies engaged in international business transactions to ensure compliance with the different standards of that extraterritorial legislation.



To view the content in your browser, please download Adobe Reader or, alternately,
you may Download the file to your hard drive.

NOTE: The latest versions of Adobe Reader do not support viewing PDF files within Firefox on Mac OS and if you are using a modern (Intel) Mac, there is no official plugin for viewing PDF files within the browser window.