increase negative publicity surrounding any incident that compromises customer data. Furthermore, we may be required to disclose personal data pursuant to demands from individuals, privacy advocates, regulators, government agencies, and law enforcement agencies in various jurisdictions with conflicting privacy and security laws. This disclosure, or refusal to disclose personal data, may result in a breach of privacy and data protection policies, notices, laws, rules, court orders, and regulations and could result in proceedings or actions against us in the same or other jurisdictions, damage to our reputation and brand, and inability to provide our products and services to consumers in certain jurisdictions.
Jurisdictions outside of the United States and the EU are also passing more stringent data privacy, protection, and security laws, rules and regulations with which we may be obligated to comply. For example, on July 8, 2019, Brazil enacted the General Data Protection Law (Lei Geral de Proteção de Dados Pessoais) (Law No. 13,709/2018), or LGPD, and on June 5, 2020, Japan passed amendments to its Act on the Protection of Personal Information, or APPI. Both laws broadly regulate the processing of personal information in a manner comparable to the GDPR, and violators of the LGPD and APPI face substantial penalties.
We continue to see jurisdictions imposing data localization laws, which require personal information, or certain subcategories of personal information, to be stored in the jurisdiction of origin. These regulations may inhibit our ability to expand into those markets or prohibit us from continuing to offer services in those markets without significant additional costs. Additionally, both U.S. and non-U.S. governments are considering regulating artificial intelligence and machine learning. Existing and future laws and evolving attitudes about privacy protection may impair our ability to collect, use, and maintain data points of sufficient type or quantity to develop and train our artificial intelligence algorithms.
In addition to our legal obligations, our contractual obligations relating to data privacy, protection and security have become increasingly stringent due to changes in data privacy, protection and security and the expansion of our service offerings. Certain data privacy, protection and security laws, such as the GDPR and the CCPA, require our customers to impose specific contractual restrictions on their service providers.
Apart from government activity and our customer contracts, privacy advocacy and other industry groups have established or may establish new self-regulatory standards that may place additional burdens on our ability to provide our services globally. Our customers expect us to meet voluntary certification and other standards established by third parties, such as TRUSTe, the American Institute for Certified Public Accountants, or the International Standards Organization. If we are unable to maintain these certifications or meet these standards, it could adversely affect our ability to provide our solutions to certain customers and could harm our business. Business partners and other third parties with a strong influence on how consumers interact with our products, such as Apple, Google, Facebook and Mozilla, may create new privacy controls or restrictions on their products and platforms, limiting the effectiveness of our services.
With laws, rules, regulations and other obligations relating to data privacy, protection, and security imposing new and stringent obligations, and with substantial uncertainty over the interpretation and application of these and other obligations, we may face challenges in addressing their requirements and making necessary changes to our policies and practices, and may incur significant costs and expenses in an effort to do so. Additionally, if third parties we work with, such as our vendors or third-party service providers, violate applicable laws, rules or regulations or our policies, such violations may also put our or our customers’ data at risk and could in turn have an adverse effect on our business. Any failure or perceived failure by us or our third-party service providers to comply with our applicable internal and external policies or notices relating to data privacy, protection or security, our contractual or other obligations to customers or other third parties, or any of our other legal obligations relating to data privacy, protection or security, may result in governmental investigations or inquiries (which have occurred in the past and may occur in the future), enforcement actions, litigation, disputes or other claims, indemnification requests, restrictions on providing our services, claims or public statements against us by privacy advocacy groups or others, adverse press and widespread negative publicity, reputational damage, significant liability or fines and the loss of the trust of our customers, any of which could have a material adverse effect on our business, results of operations and financial condition.
30