The US The National Retail Federation (NRF) together with EuroCommerce have published a paper explaining about the impact of GDPR compliance, the now well-known in the EU at least, data and privacy law that came into force last week. Of particular note, is the the NRF’s view that this highlights the increasing nature of global trade, increasingly driven by ecommerce.
You can examine the paper in full here.
These are European rules but they have significant implications for many U.S. retailers. This effort will help inform EU regulators as well as retailers on both sides of the Atlantic about an effective retail approach to compliance with critical elements of the GDPR. It is particularly important for U.S. companies that might not be fully versed in the EU’s new privacy requirements. In the world’s growing global economy, U.S.-based retailers’ consumer privacy and data security programs increasingly need to reflect worldwide obligations, not just national or state requirements.
Matt Shay, NRF President and CEO
Although GDPR is an EU law, it also affected retailers that have headquarters in any EU country, companies from countries around the world that have stores in Europe, those that target sales to Europeans over the web or mobile and or track European consumers online in any way.
As the paper notes, there a great number of questions that remain unanswered regarding exactly how it might impact American and other global retailers and what exactly will be required for GDPR compliance. And, needless to say, how and if any sanctions can be applied.
It’s another useful spotlight on GDPR which is looking increasingly complicated to implement. And demonstrates that global trade brings with it a variety of particular, perhaps even unseen, implications. What is perhaps most concerning so far has been the distinct of guidance to merchants regarding GDPR compliance. And that’s as true within the EU as it is for nations further afield.