NationStates

I am curious now, as my nation does now have a GDPR-like law, named the Digital Security & Privacy Law, which enforces regulations on foreign companies and also establishes some anti-digital-terrorism policies, such as enforced device monitoring.

So like it says in the subject of this thread, does your nation have a law like this one, like the GDPR or CCPA?

Yes, all digital devices are monitored by the Ministry of Truth's crown jewel - essentially a Thought Police FBI and CIA rolled into one - the OIA (Orwellian Intelligence Agency). The OIA can and will infring upon any citizen's digital (anything, really) privacy if said citizen is suspected of commiting a thoughtcrime of treason, terrorism, or dissent.

To the contrary, the Hoyerlayian government generally can’t track the general population except for those who pose a risk to the national security of the realm or in order to stamp out child pornography or online grooming (in these case the government can break privacy laws and has in fact been very successful in tackling these issues). Also, any tech companies that try to collect data or information (spy) from people will be punished heavily and its executives could be imprisoned.

In Crossoveria, online civilian activity is strictly monitored by the government, namely the Departments of Communications and Homeland Security. This has been enabled in the 2009 Digital Monitoring Act, and it allows the government to see what people do on the internet to make sure they don't break the other strict laws that exist in this country. This may include texting things considered defamatory to the Supreme Leader and going to sites blocked in Crossoveria. People could get arrested for these activities, as enabled by this law.

Tinhampton actually has the GDPR, owing to fluid placey-wacey.

OOC: Also I don't think that the DSPL is at all analogous to the GDPR because you've written a digital surveillance law while the EU's written a data protection law

Tinhampton wrote:Tinhampton actually has the GDPR, owing to fluid placey-wacey.

OOC: Also I don't think that the DSPL is at all analogous to the GDPR because you've written a digital surveillance law while the EU's written a data protection law

OOC: That makes sense for the most part, but eh...it does have SOME data provisions, such as the storing of data by foreign companies and the 'right to be forgotten' essentially embedded in there, at least from an international standpoint.

Yes. The Consumer Data Protection Act of 2017 was modeled directly after the GDPR, however the CDPA doesn’t just cover digital data but any data including physical data like signatures, fingerprints, photos, and other data.

In terms of data surveillance the National Security Act of 1983 and National Security Act of 2003 allows the Thermodolian National Service Directorate to collect and record all phone calls, emails, texts, video messages, websites, IP addresses, and any other digital mediums. The NSA 2003 also allows the TNSD to monitor websites but only with a warrant obtained from a judge.

However while the TNSD is allowed to collect this information they can only search through this data with a warrant. The government is only allowed to collect and store such information but not use it without a warrant

Thermodolia wrote:Yes. The Consumer Data Protection Act of 2017 was modeled directly after the GDPR, however the CDPA doesn’t just cover digital data but any data including physical data like signatures, fingerprints, photos, and other data.

In terms of data surveillance the National Security Act of 1983 and National Security Act of 2003 allows the Thermodolian National Service Directorate to collect and record all phone calls, emails, texts, video messages, websites, IP addresses, and any other digital mediums. The NSA 2003 also allows the TNSD to monitor websites but only with a warrant obtained from a judge.

However while the TNSD is allowed to collect this information they can only search through this data with a warrant. The government is only allowed to collect and store such information but not use it without a warrant

A top secret CIB agent walks up to a Thermodolia official and hands them a piece of paper and walks away, on it, it simply says "Rules against other parties?"

Yes.

• The Entity has GDPR-like laws (orders). These laws are focussed on protecting personal and sensitive data from people and organisations who will use it for criminal purposes. These penalises the use of Entity-based data for criminal actions and dishonest activities.
• The Entity has DSPL-like laws (orders). These laws are focussed on collecting digital data from people and organisations within or connected to the Entity. These limits the use of data collected and outlines processes in which these can be accessed by police, journalists, etc.

We don't have a GDPR-like law, we have the GDPR in our nation.

The GDPR became valid in Aikoland on 20 July 2018, the same date as it became valid in Iceland, Liechtenstein, and Norway, all of which are members of both the European Free Trade Association and the European Economic Area alongside our nation.

Yes, the Special General Data and Privacy Protection Law, and the Special Online Free Speech Protection Law.

The first one severely protects the rights to privacy and data security, severely limitating and regulating on how private companies and government agencies can acquire and use the data and informations they colect and instituting in the Civil Code and in the Penal Code punishments for privacy violations. The law protects any private comunication, any private data and relevant information, from being seized and misused by others. The law is criticized for explicitly allowing many exceptions on privacy protections to law enforcement agencies in certain criminal cases, which many acuse of being an authoritarian measure, although the same law obliges these agencies to follow strict standarts on data colection and breaches of secrecy on comunications and to only use the informations that are exactly relevant to each criminal case, in order to not turn investigations on a series of violations of rights.

The second one protects free speech on the Internet limitating a lot on how companies and Internet providers can use the data they collect from their users and visitors and on how they can moderate contents. Due to this law, the Internet (with a highlight on social networks) are considered as a "modern giant public square", and any citizen publicating something from the nations territory cannot have its content removed, as long it doesn't desrespect the national laws, and any content removal depends on judicial authorization (except for extreme explicit online crimes like the posting of child and rape pornography, clear and concrete physical violence threats, etc.). The law also impose limits on how companies can use their algorithms and how can they can colect such data, complementing the Special General Data and Privacy Protection Law.

Yes Nioya does. Nioyan social media is strongly regulated by the state, in addition to protecting the privacy of all nioyan citizens.

Yes. The Imperial Law of Privacy states in effect that:
[*] All forms of direct marketing is strictly prohibited, including remarketing (selling sth. to recurring customers, soliciting a repeat donation, etc.)
[*] No data may be collected for marketing purpose
[*] All data collected on Imperial data subjects must have a copy on a server located in The Empire
[*] All data collected on Imperial data subjects must be processed in according to the Imperial Law of Privacy (or the national equivalent, whichever is stricter)
[*] All analytics data collection must be strictly opt-in and aggregated in a form where de-anonymization is mathematically impossible
[*] All analytics platform must submit hard mathematical proof of their algorithms to be compliant
[*] Adblockers, tracker blockers, etc. are implemented by all ISPs (you can opt-out by signing a form meaning you will acknowledge all risks to malware and privacy)
[*] Logging of PII are explicitly forbidden
[*] ISP logs are maximized in 24 hours, and can only be used to track abuse or
[*] All messaging services must implement end-to-end encryption of message content and metadata to WA SECRET level.
[*] Rubber hose cryptanalysis (torturing an individual to surrender their encryption keys) is only allowed in case where enhanced interrogation is possible (corruption, terrorism, espionage, capital crimes, drugs)
[*] When asked by a law enforcement officer to surrender one's encryption keys, people enjoy all protections of self-incrimination. (parent/guardian/lawyer must be present, MIRANDA warning recorded and given, etc.)
[*] Only Crown owned surveillance equipment may point to public places. Private surveillance records must be deleted within 24 hours. (An artistic exception is given for photography, video, holograms, drone usage, and dashcams)
[*] Offenders are sanctioned with 5-20 years of prison (in case of corporations, the CEO or the Board of Directors), and 200-500% of the previous year's global income in fines.

This law led to many global sites being unusable in the Empire incloding Monocle (a famous search engine), TellyYou, and MyFace. Other major sites implemented paywalls.

No. Officially, like much else in Victorious Decepticons, the digital space is a free-for-all. However, in reality, Domestic Intelligence constantly monitors everything, and if we spot any kind of dissident, treasonous, anti-cultural, or other offending activity, we will exterminate the lousy traitor without hesitation. Any "followers" of such a person will also be investigated, and if found to be traitors, executed as well.

Some say that the reason we don't officially regulate things like the internet is that we don't want to accidentally restrict the government in its efforts to keep dissent as close to zero as possible. The astute will notice that those who say that are never executed for spreading lies about the government, which is a strong clue that their reasoning is correct.

Of course, spreading dissent is illegal regardless of the medium used. It does not suddenly become legal if done online because "the internet is unregulated." In fact, being dumb enough to spread one's sedition on a medium as public as the internet is a great way to get yourself killed far more quickly than if you ran an underground physical newspaper or other media where distribution can be tightly controlled.

We don’t have that many internet laws except for a few things
-child porn and non-sapient animal porn
-real snuff/ graphic torture vids
-incitement to riot or to encourage other states to invade Vallermoore
-outing of those in formal witness protection. ( Whilst our pro-Deception government scrapped witness protection and replaced it with no restrictions on weapon carrying by witnesses, those who were in it before it ended were allowed to keep their new IDs and it is still a crime to out them).
that are banned online.

Tangatarehua does not have an equivalent law.

There have been proposals, most notably the Digital Privacy Bill of 2015 but this was defeated in Parliament and as yet no similar piece of legislation has managed to pass.