Data Sovereignty and Cross-Border Privacy Laws in the Age of AI: India Versus Global Standards
摘要
This research study offers a comprehensive review of data privacy and protection legislation across key foreign jurisdictions, specifically India, the European Union (EU), the United Kingdom, the United States, Australia, and Japan. It analyses the distinct attributes, advantages, and obstacles of each framework, with the objective of uncovering insights to improve worldwide data protection standards. The Digital Personal Data Protection (DPDP) Act of 2023 and the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules of 2021 in India underscore consent-driven data processing and regulatory supervision. Nonetheless, the execution of these steps poses considerable operational difficulties. The EU's General Data Protection Regulation (GDPR) is acknowledged as a rigorous and thorough data protection framework with tough compliance requirements; however, it draws criticism for elevated compliance costs and uneven enforcement among member states. The United States does not possess a comprehensive federal privacy legislation, opting instead for a sector-specific framework exemplified by statutes like the California Consumer Privacy Act (CCPA) and the Health Insurance Portability and Accountability Act (HIPAA). This disjointed methodology leads to regulatory discrepancies and intricate compliance environments. Australia and the United Kingdom, although affected by the GDPR, have developed customised frameworks that reflect local particularities, whereas Japan’s Personal Information Protection Law (PIPL) exhibits a more state-centric methodology with stringent data localisation mandates. With the advancement of digital technology, the safeguarding of data privacy and security is becoming progressively vital. This article delineates the principal similarities and variations across these legal regimes, emphasising the necessity for enhanced international regulatory cooperation and uniform data protection standards to more effectively safeguard personal data globally.