On the back of the recent EU GDPR legislation, it seems that more and more consumers are sitting up and paying attention to how their personal data is collected and managed.

But how can you protect your personal data when traveling? Here’s how some of Australia’s most visited holiday destinations handle data and what you need to know.

Bali/Indonesia

There are currently no personal data protection laws in Indonesia. This means that those living in the country aren’t protected against the misuse of their data. This lack of enforcement has caused a number of large-scale issues for the country. One that sparked a lot of controversy in the press was a scandal concerning popular ride-sharing app, GO-JEK. In 2016, the app had many security vulnerabilities, with many users’ personal data being leaked and shared. Thankfully, the company reviewed their privacy policy and have made their efforts public to ensure customers know exactly what they can expect when signing up to GO-JEK.

While changes may have been made, it’s still important travelers to the country understand data breaches are still a possibility, especially when giving data to third party sources. After all, not all Indonesian companies have the capital to improve their privacy laws, nor are there any formal laws which state they should.

Photo credit Getty/Anastasiia Shavshyna

USA

In the US, there is no one blanket rule for data protection laws. Instead, they differ state to state, with some areas doing more to ensure the safety of their residents and their data. One of these leaders is California. The state has enforced strict rules, much like that of the GDPR, called the California Consumer Privacy Act (CCPA). This gives those in the state more control over how businesses collect and manage their data. However, not all US states are quick to follow in California’s footsteps. Take Alabama for example. It was the last state to pass a law requiring companies to disclose when a data breach occurs.

Such different data protection laws means  travelers to the US must be aware that not all areas offer the same amount of protection, so always be cautious when disclosing personal information – no matter how legit they may seem.

Photo credit Getty/Westend61

UK

The UK falls under the EU’s recent GDPR changes, meaning all businesses who operate within the EU now have a stricter set of rules surrounding data protection and sharing. These companies now have a duty to be completely transparent about how they collect and manage a customer’s data. It puts the consumer in the driving seat, giving them access to their data, with the option to have information deleted. This is an advantage for those staying in accommodation provided by a company within the EU. Failure to comply results in astronomical fines.

Photo credit Getty/Izusek

New Zealand

New Zealand was once steps behind the rest of the world in terms of protecting data. However, a new ‘Privacy Bill’ is set to rival the recent GDPR laws and replace the somewhat outdated Privacy Act 1993. While the Bill includes more forceful laws surrounding data protection, it’s still in the stages of consideration, meaning there’s still a risk of data breaches for those in the country.

Photo credit Getty/Matthew Micah Wright

Japan

The Act on Protection of Personal Information (APPI) governs the security of online privacy surrounding data protection in Japan. It only applies to businesses that hold personal data of 5,000 or more individuals. Such companies must specify the purpose of data collection and allow customers the right to ask about the data held on them. But what about those smaller, lesser-known companies? Instead of running the risk of a data breach, always be selective about where your personal data goes.

Photo credit Getty/JohnnyGreig

Staying protected is something we know a lot about here at Travel Insurance Direct. When heading on holiday, always ensure you’re covered with the right travel insurance policy in the event of an accident.