The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy in the European Union and the European Economic Area. It also addresses the transfer of personal data outside the EU and EEA areas. The GDPR aims primarily to give control to individuals over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.[1] Superseding the Data Protection Directive 95/46/EC, the regulation contains provisions and requirements pertaining to the processing of personally identifiable information of individuals (also referred to as data subjects) inside the European Economic Area (EEA) (which includes the member states of the European Union) and applies to any enterprise—regardless of its location and the data subjects' citizenship—that is processing the personal information of individuals inside the EEA. The amended regulation was adopted on 14 April 2016, and after a two-year transition period, became enforceable on 25 May 2018. Because of its wide reach, the GDPR has been described as a major shift in data privacy regulation globally. [3] As of 2024, a majority of countries across the globe have some form of GDPR-like regulation. [4] The GDPR levies a tiered system of fines for non-compliance, which can be up to €20 million or 4% of annual global turnover, whichever is greater. Companies also face the risk of class action lawsuits.

The California Consumer Privacy Act (CCPA) is a state statute intended to enhance privacy rights and consumer protection for residents of California, United States. The bill was passed by the California State Legislature and signed into law by Governor Jerry Brown on June 28, 2018, and went into effect on January 1, 2020. It was amended by the California Privacy Rights Act (CPRA) on November 3, 2020. The CCPA grants California consumers several rights, including the right to know what personal information businesses collect about them, the right to delete personal information, and the right to opt-out of the sale of their personal information. It applies to businesses that collect and control California residents’ personal information, and that meet certain revenue or data processing thresholds. The CCPA has significantly impacted businesses operating in California, requiring them to update their privacy practices and provide consumers with greater control over their personal information. It has also spurred similar privacy legislation in other states, and prompted calls for a federal privacy law in the United States. The CCPA is enforced by the California Attorney General, who has the authority to investigate and fine businesses that violate the law. Consumers can also bring private lawsuits against businesses for certain data breaches.

The Controlling the Assault of Non-Solicited Pornography And Marketing Act of 2003 is a United States law passed in 2003, establishing rules for commercial email and messages. It establishes requirements for commercial messages, gives recipients the right to have businesses stop emailing them, and spells out tough penalties for violations. The CAN-SPAM Act covers all commercial messages, which the law defines as any electronic mail message the primary purpose of which is the commercial advertisement or promotion of a commercial product or service, including email that promotes content on commercial websites. The Act does not apply to transactional or relationship messages. The CAN-SPAM Act requires that businesses include a physical postal address in their emails, provide a clear and conspicuous way for recipients to unsubscribe from future emails, and promptly honor opt-out requests. The Act also prohibits deceptive subject lines and false headers. Violations of the CAN-SPAM Act can result in penalties of up to $50,120 per email. The Federal Trade Commission (FTC) is responsible for enforcing the CAN-SPAM Act. The CAN-SPAM Act has had a significant impact on email marketing practices in the United States, leading businesses to adopt more transparent and consumer-friendly email marketing strategies.