Quiz Entry - updated: 2026.07.14
What are the key data protection regulations, and what data security properties do they aim to ensure?
The EU GDPR, the US CCPA, and the Swiss revDSG are the major frameworks, and they all aim to ensure confidentiality, integrity, and availability of personal data.
* The CIA triad: confidentiality, integrity, availability. — Michel Bakni, CC BY-SA 4.0, via Wikimedia Commons. *
Major regulations:
| Regulation | Jurisdiction | Key characteristic |
|---|---|---|
| EU GDPR | European Union | Most comprehensive. Also affects Swiss companies that process EU residents' data. |
| CCPA | California, USA | Consumer-focused. Gives Californians control over their personal data. |
| revDSG | Switzerland | Revised Swiss Data Protection Act, in force since September 2023. |
| ISO 27000 | International | Security management standard, not a law, but a best-practice framework. |
Data security properties these laws protect:
- Confidentiality (Vertraulichkeit).
- Integrity (Integrität).
- Availability (Verfügbarkeit).
- Authentication (Authentifizierung).
- Authorization (Autorisierung).
- Accounting / accountability (Abrechnung).
Implementing data protection in practice requires:
- Control over personal data.
- Data minimization.
- Identity management.
- Legally compliant data processing.
Key insight: Effective data protection requires both legal and technical measures that interlock and complement each other. A law without enforcement technology is just words on paper.
Go deeper:
General Data Protection Regulation (Wikipedia) — overview of the EU's flagship framework.
Regulation (EU) 2016/679 — official GDPR text (EUR-Lex) — the authoritative legal source.
NIST Privacy Framework — the US risk-management complement.