International data privacy laws have existed long before the EU’s General Data Protection Regulation came into effect in May 2018. But at least in the U.S., the GDPR was, for many businesses, the start of a global privacy shift.

“I think [the GDPR] was very much an intentional, organized way to make the U.S. pay attention to EU privacy laws,” Michelle Six, a partner at Kirkland & Ellis, said.