FADP
Swiss data protection law revised in 2023 to align more closely with GDPR while maintaining Swiss specifics.
No additional commentary yet. Contribute on GitHub.
Laws
By Law Type#
Access Laws#
Laws that enable government or law enforcement data access.
No laws found matching the criteria.
Surveillance Laws#
Laws that establish surveillance infrastructure or powers.
No laws found matching the criteria.
Privacy Laws#
Laws that protect individual data rights and privacy.
No laws found matching the criteria.
Localization Laws#
Laws that require data to be stored within jurisdiction.
No laws found matching the criteria.
Security Laws#
National security frameworks without direct data access provisions.
No laws found matching the criteria.
Sector-Specific Laws#
Laws regulating specific sectors (AI, telecom, finance, etc.).
No laws found matching the criteria.
By Government Access Level#
Broad Access#
Bulk collection, minimal oversight, backdoor requirements, or extraterritorial compulsion.
No laws found matching the criteria.
Targeted Access#
Access with warrants or court orders for specific investigations.
No laws found matching the criteria.
Limited Access#
Strong procedural safeguards, narrow scope, independent oversight.
No laws found matching the criteria.
By Data Protection Level#
Strong Protection#
Comprehensive rights (access, erasure, portability), strong enforcement, independent DPA.
No laws found matching the criteria.
Moderate Protection#
Some protections but with significant exceptions or weaker enforcement.
No laws found matching the criteria.
EU-US DPF
Adequacy decision enabling data transfers from EU to participating US companies. Established safeguards for US intelligence access and redress mechanisms for EU citizens. Successor to invalidated Privacy Shield.
No additional commentary yet. Contribute on GitHub.
ePrivacy Directive
Privacy rules for electronic communications including cookies, spam, and confidentiality of communications. Complements GDPR for the communications sector.
No additional commentary yet. Contribute on GitHub.
EO 12333
Presidential directive authorizing US intelligence agencies to collect foreign intelligence outside US territory. Applies to data in transit through US infrastructure and data held by US companies abroad.
No additional commentary yet. Contribute on GitHub.
Ekomloven
Regulates electronic communications networks and services, including data retention and lawful interception requirements.
No additional commentary yet. Contribute on GitHub.
EEA Agreement
Extends EU internal market to EFTA states (except Switzerland). Includes adoption of EU data protection laws.
No additional commentary yet. Contribute on GitHub.
ECPA
Government access to electronic communications and stored data with various warrant requirements.
No additional commentary yet. Contribute on GitHub.
DSA
Platform liability and transparency rules. Requires notice-and-takedown procedures, algorithmic transparency for very large platforms, and risk assessments for systemic risks.
No additional commentary yet. Contribute on GitHub.
DPDP Act
Personal data protection with broad government exemptions for national security.
No additional commentary yet. Contribute on GitHub.
DORA
Digital resilience requirements for financial entities including banks, insurers, and crypto providers. Mandates ICT risk management, incident reporting, and oversight of third-party ICT service providers.
No additional commentary yet. Contribute on GitHub.
DMA
Regulates gatekeeper platforms to ensure fair competition. Requires interoperability, data portability, and prohibits self-preferencing by dominant platforms.
No additional commentary yet. Contribute on GitHub.
DGA
Framework for data intermediaries and data altruism organizations. Facilitates data sharing while maintaining trust through registration and oversight requirements.
No additional commentary yet. Contribute on GitHub.
Data Security Law
Data classification system, cross-border transfer restrictions, and government access for national security.
No additional commentary yet. Contribute on GitHub.
Data Localization Law
Personal data of Russian citizens must be stored on servers physically located in Russia.
No additional commentary yet. Contribute on GitHub.
Data Act
Rules on data sharing between businesses, access to data by public sector, and cloud switching rights.
No additional commentary yet. Contribute on GitHub.
Cybersecurity Law
Data localization requirements, security reviews, and network operator obligations for critical infrastructure.
No additional commentary yet. Contribute on GitHub.
CRA
Cybersecurity requirements for products with digital elements. Mandates security-by-design, vulnerability handling, and CE marking for connected devices and software.
No additional commentary yet. Contribute on GitHub.
CLOUD Act
The CLOUD Act allows US law enforcement to compel US-based technology companies to provide data stored on their servers, regardless of where that data is physically located. This extraterritorial reach is one of the most significant concerns for organizations seeking data sovereignty.
BDSG
German federal data protection law supplementing GDPR with additional national requirements.
No additional commentary yet. Contribute on GitHub.
APPI
Japanese data protection law, revised in 2020 to strengthen protections and align with GDPR.
No additional commentary yet. Contribute on GitHub.