Laws & Regulations
Global Privacy Laws and Regulations
As globalization and advances in technology continue to drive innovation, competitiveness, and economic growth, privacy and data protection laws proliferate around the world. Over 130 countries now have their own data protection laws regulating the collection, use, disclosure and security of personal information.
Stanford follows the Minimum Privacy Standards to the extent applicable for the collection, processing, transfer, deletion and other use of personal data at Stanford. While the scope and implementation of data protection laws vary by country, strong data protection are driven by core privacy principles. To efficiently operate globally and manage new and evolving risks, stay tuned for the latest privacy requirements and best practices in data protection. If you have questions related to the applicability and compliance with global data privacy laws for your activity, please submit a Service Request.
More information on global data privacy laws can be found at:
UNCTAD Data Protection and Privacy Legislation Worldwide
IAPP Global Comprehensive Privacy Law Mapping Chart
IAPP Global Privacy Law and DPA Directory
General Data Protection Regulation (GDPR)
The GDPR is a European Union data privacy law designed to give the European Economic Area subjects (both citizens and non-citizens) more control over how their personal data are collected, used, and protected.
Learn more about GDPRPersonal Information Protection Law (PIPL)
Stanford researchers who are collecting information covered by PIPL must obtain written consent from the data subjects. Refer to the following for details: