Sign up for our daily briefing
Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.
Catch up on coronavirus stories and special reports, curated by Mike Allen everyday
Catch up on coronavirus stories and special reports, curated by Mike Allen everyday
Denver news in your inbox
Catch up on the most important stories affecting your hometown with Axios Denver
Des Moines news in your inbox
Catch up on the most important stories affecting your hometown with Axios Des Moines
Minneapolis-St. Paul news in your inbox
Catch up on the most important stories affecting your hometown with Axios Twin Cities
Tampa Bay news in your inbox
Catch up on the most important stories affecting your hometown with Axios Tampa Bay
Charlotte news in your inbox
Catch up on the most important stories affecting your hometown with Axios Charlotte
Aaron Levie. Photo: Justin Sullivan/Getty Images
Even as politicians in D.C. struggle to come up with national privacy legislation, Box CEO Aaron Levie says there is a growing consensus on what should be expected of companies.
Why it matters: As large companies adopt policies to comply with EU and California laws, federal legislation becomes more a formality and less of a battleground.
- "We're stumbling our way there," Levie told Axios on Thursday in an interview at the company's San Francisco office.
The big picture: Specifically, he said, there is growing convergence around several key points.
- Customers should know how their data is being accessed.
- They should have some degree of a right to revoke access.
- There should be limits to how third parties can access that data.
- Companies should probably be required to provide some level of auditing or reporting to the federal government.
What he's saying: "It's a very blurry image but you can start to see the contours of what a global privacy set of laws might look like."
- "We're probably 5 years out from this being anything that gets standardized. But I think it is not unrealistic that things could start to converge more on this stuff."
Meanwhile, Levie expects big companies to largely adopt the California rules that go into effect in January, just as most companies adopted the EU's GDPR requirements globally. Google, for example, committed Thursday to doing just that.
- "It's just how you will build your systems," he said.
The bottom line: Increased regulation is good for Box's business. "The more complex the world gets from a data privacy standpoint," Levie said, "the more companies want partners that can abstract that."
Go deeper: The global shortage of privacy professionals