CCPA: The California Consumer Privacy Act (California, United States)

This privacy law came into effect in January 2020. It gave California residents the right to know what personal information is being collected about them, the right to request that their personal information be deleted, and the right to opt out of the sale of their data.

PECR: The Privacy and Electronic Communications Regulations (UK)

These regulations govern the use of electronic communications, such as email and text messages, in the UK. They require organizations to obtain consent from individuals before sending marketing messages and set out rules for using cookies and similar technologies.

AAP: Australia's Privacy Principles (Australia)

These principles are part of the Privacy Act 1988 and govern Australian government agencies and organizations' collection, use, and disclosure of personal information. They require organizations to take reasonable steps to protect personal information and give individuals the right to access and correct their data.

PIPEDA: The Personal Information Protection and Electronic Documents Act (Canada)

This privacy law governs the collection, use, and disclosure of personal information by private sector organizations in Canada. It requires organizations to obtain consent for collecting, using, and disclosing personal data and to safeguard personal information in their possession.

LGPD: The Brazilian General Data Protection Law (Brazil)

This privacy law was enacted in August 2020 and set out rules for collecting, using, and processing personal data in Brazil. It gives individuals the right to access, correct, and delete their personal information and imposes penalties for organizations that violate the law.

CPRA: The California Privacy Rights Act (California, United States)

The California Privacy Rights Act is an expansion of the CCPA passed in November 2020 and will come into effect in 2023. It enhances consumer privacy rights and creates a new enforcement agency for privacy violations.

ICO: The Information Commissioner's Office (United Kingdom)

The Information Commissioner's Office is a regulatory body responsible for enforcing the GDPR and PECR in the UK. It guides organizations in complying with these regulations and investigates and imposes penalties for breaches.

GPDP: The Personal Data Protection Law (China)

The Personal Data Protection Law is a privacy law that took effect on 1st November 2021 in China. It sets out requirements for collecting, processing, and transferring personal data and includes provisions for data subjects' rights and for protecting sensitive personal data.

DSGVO: The Datenschutz-Grundverordnung (European Union)

The Datenschutz-Grundverordnung is the German term for the GDPR, a regulation of the European Union that sets out requirements for collecting, processing, and transferring personal data.

BfDl: The Bundesbeauftragte für den Datenschutz und die Informationsfreiheit (Germany)

The Bundesbeauftragte für den Datenschutz und die Informationsfreiheit is the German federal commissioner for data protection and freedom of information. It enforces data protection laws and respects individuals' privacy rights.

CNIL: The Commission Nationale de l'Informatique et des Libertés (France)

The Commission Nationale de l'Informatique et des Libertés is a French regulatory body responsible for enforcing data protection laws and ensuring individuals' privacy rights are respected.

AEPD: The Agencia Española de Protección de Datos (Spain)

The Agencia Española de Protección de Datos is a Spanish regulatory body responsible for enforcing data protection laws and ensuring individuals' privacy rights are respected.

PDPB: The Personal Data Protection Bill (India)

The Personal Data Protection Bill is a privacy bill passed by the Indian parliament in 2019 but is not yet in force. It sets out requirements for collecting, processing, and transferring personal data and includes provisions for data subjects' rights and for protecting sensitive personal data.

DPA: The Data Protection Act (United Kingdom)

The Data Protection Act is a UK law passed in 2018 to supplement and complement the GDPR. It sets out additional requirements for processing personal data in the UK.

PDPA: The Personal Data Protection Act (Singapore)

The Personal Data Protection Act is a privacy law that was enacted in 2012 in Singapore. It sets out requirements for collecting, processing, and transferring personal data and includes provisions for data subjects' rights and the protection of sensitive data.

TTDSG: The Telemedia Act (Germany)

The Telemedia Act is a German law implementing the ePrivacy Directive in Germany. It sets out requirements for using cookies and similar technologies and includes provisions for obtaining user consent.

POPIA: The Protection of Personal Information Act (South Africa)

The Protection of Personal Information Act is a privacy law that came into effect in 2020 in South Africa. It sets out requirements for collecting, processing, and transferring personal data and includes provisions for data subjects' rights and for protecting sensitive personal data.

APA: The Administrative Procedure Act (United States)

The Administrative Procedure Act is a federal law that governs how federal agencies develop and issue regulations. It includes provisions for public participation and transparency in the rulemaking process.

ePrivacy: The ePrivacy Directive (European Union)

The ePrivacy Directive is a directive of the European Union that sets out requirements for using cookies and similar technologies and for processing personal data in electronic communications. It applies to all electronic communication service providers operating in the EU.

COPPA: The Children's Online Privacy Protection Act (United States)

The Children's Online Privacy Protection Act is a federal law that regulates the online collection of personal information from children under 13 years old. It requires websites and online services that collect data from children to obtain verifiable parental consent and provide specific notices.

CASL: The Canadian Anti-Spam Law (Canada)

The Canadian Anti-Spam Law is a law that regulates the sending of commercial electronic messages, including emails and text messages, and the installation of computer programs on other people's computers. It requires senders to obtain consent from recipients before sending messages and includes provisions for opt-out mechanisms.

Australian Privacy Principles (APPs)

The Australian Privacy Principles are a set of principles that govern the collection, use, and disclosure of personal information by Australian government agencies and organizations. They were introduced as part of the Privacy Amendment (Enhancing Privacy Protection) Act 2012 and apply to all private sector and government organizations in Australia.

The "Marco Civil" Privacy Act 1988 (Brazil)

The "Marco Civil" Privacy Act is a Brazilian law that governs Internet use and protects the online privacy and freedom of expression. It sets out principles for collecting, using, and storing personal data and includes user consent, data protection, and data retention provisions.