As a sector intrinsically tied to digital technology, cyber insurance is known for its dynamic and evolving nature. In 2019, the cyber insurance industry began to grapple with multiple headwinds including record General Data Protection Regulation (GDPR) fines, the introduction of new privacy regulations and systemic ransomware claims.
When the European Union GDPR took effect in May 2018, it marked a major turning point in data privacy regulation. Two years on, the GDPR has undergone its first major review.
The GDPR’s two-year report card is mixed. The two-year evaluation report by the European Commission heralds the GDPR’s success in strengthening individuals’ rights to personal data protection. It also finds that the GDPR is proving flexible to support digital solutions in unforeseen circumstances, such as the development of tracing apps during the COVID-19 crisis.
In this article, Guy Carpenter-affiliate Marsh looks at the two-year track record of GDPR, and look at other global privacy regulations in the United States, Canada, Brazil, Australia, New Zealand, China, Vietnam, Singapore, Thailand, South Korea and India.