Privacy law expansion, consolidation and centralization are somewhat inevitable as the consumer data collection, retention and distribution are at the core of many business operations. As Internet and cloud use grow globally, many sites which collect consumer information and store them in the cloud touch upon the privacy of citizens who may have no idea that the website that they use are located outside of their country of residence.
In such cases, local privacy laws which were originally implemented to protect consumers of a particular country must now be expanded to require the same level of privacy from companies operating from other parts of the world.
For example, Europe has decided to expand its privacy laws and introduced the General Data Protection Regulation. Expansion of privacy laws will ensure websites that operate globally such as Facebook and Google to abide by their privacy laws. Some of the data management practices which may be troublesome to Europe and must also be alarming to US citizens include the fact that once private information is collected from consumers, it is no longer controlled by consumers in some cases. For example, Facebook did not allow its users to permanently delete their account information at some point (not sure if it's still the case) and only allowed account deactivation which means that although personal information can not be viewed by others, it is still stored on a Facebook server and vulnerable to theft, fraud and abuse. Such problems have caused the European Union (EU) to reconsider its data privacy laws which had not been updated since 1995 when the Internet was much younger and innocent than it is today. Such privacy law expansion efforts will ensure EU effectively protects the privacy of its consumer information. This should rather be an easy task for EU to provide comprehensive privacy protection from a central control point as their laws, contrary to the US privacy laws, were already somewhat centralized.
The EU privacy law expansion proposal to revise its data protection law is likely to affect the amount of information websites can collect, and, provide more power to consumers for deleting and removing their private information at their discretion. Whether EU will be able to require tougher privacy practices from US companies and others remains to be seen.