A guide to the General Data Protection Regulation

The entry into force of the General Data Protection Regulation (GDPR) on 25 May 2018 brought about the biggest overhaul of EU data protection law in more than 20 years and represented an attempt by EU policy makers to ensure the law on the collection, use, sharing and protection of personal data was fit for the digital age.

The GDPR accompanies its cousin in law enforcement data protection matters, the Police and Criminal Justice Data Protection Directive, and, unlike that Directive or the previous Data Protection Directive of 1995, is directly applicable in all EU member states. It is also applicable to organisations based outside of the EU that nonetheless target services at individuals in the EU based on the processing of their personal data.

While the GDPR is designed to enhance individuals’ data protection rights, the necessary corollary of stronger rights for data subjects is more onerous obligations for controllers, and, for the first time, processors.

Leave a Reply

Your email address will not be published. Required fields are marked *