Techniques for maintaining geographic-based data privacy rules in networked environments. An example method includes receiving, from a first subsystem, a query for data; receiving, from the first subsystem, an aggregate passport indicating at least one geographic region in which the first subsystem and at least one second subsystem connected to the first subsystem operates; and determining that the at least one geographic region complies with at least one data privacy rule that applies to the entity. Based on determining that the at least one geographic region complies with the at least one data privacy rule that applies to the entity, the example method further includes transmitting, to the first subsystem, at least a portion of the data; and storing an indication that the at least the portion of the data has been shared.