Paper Contents
Abstract
In the digital age, where data has become one of the most valuable assets, robust data privacy and cybersecurity regulations have emerged as critical mechanisms for safeguarding individual rights and ensuring ethical technology use. This paper presents a comprehensive comparative analysis of three pivotal legal frameworks: the General Data Protection Regulation (GDPR) of the European Union, the California Consumer Privacy Act (CCPA) of the United States, and emerging regulations surrounding Artificial Intelligence (AI), including the EU AI Act and proposed U.S. federal legislation. The study begins by examining the historical and legislative contexts that shaped the GDPR and CCPA, highlighting their core principles, scope, enforcement mechanisms, and implications for businesses and data subjects. While the GDPR emphasizes broad data protection rights, consent requirements, and extraterritorial applicability, the CCPA focuses on consumer rights to access, delete, and opt out of the sale of personal data, offering a more business-centric perspective. The analysis also shifts to the fleetly evolving geography of AI regulation. With AI technologies decreasingly impacting decision- making in critical areas similar as healthcare, finance, and felonious justice, governments and institutions are feting the need for visionary regulation. The paper explores the EUs AI Act, which classifies AI systems by threat and authorizations translucency, responsibility, and mortal oversight. It also examines U.S. enterprise, similar as the design for an AI Bill of Rights and proposed bills addressing algorithmic bias and automated decision- timber. Through this relative lens, the paper identifies crucial parallels and divergences among these nonsupervisory administrations, particularly in terms of data subject rights, compliance scores, enforcement authority, and the treatment of arising technologies like AI. Likewise, it evaluates the challenges of harmonizing data protection laws across authorities, balancing invention with ethical oversight, and addressing enforcement difference in global digital ecosystems. Eventually, the paper argues for the need for adaptive, forward- looking legal fabrics that not only cover individual sequestrations and promote cybersecurity but also foster responsible AI development. It concludes with policy recommendations for achieving non-supervisory consonance and strengthening transnational collaboration governance of data and AI.
Copyright
Copyright © 2025 Aditi Singh. This is an open access article distributed under the Creative Commons Attribution License.
