General Data Protection Regulation – the elephant in the room
The EU’s data protection laws have long been regarded as the gold standard in the protection of personal data.
Over the last 25 years, technology has transformed our lives in ways nobody could have imagined, so a review of the rules was needed. Following four years of discussion and debate, in 2016, the EU adopted the General Data Protection Regulation (GDPR), one of its greatest achievements in recent years. It replaces the 1995 Data Protection Directive which was adopted at a time when the internet was still in its infancy.
The most significant change to rules governing data protection comes into effect in May 2018, carrying fines of up to four per cent of global turnover or €20 million, whichever is higher, for businesses that do not comply. The GDPR in conjunction with the EU Commission’s data protection reform is intended to boost the digital single market. The data protection reform strengthens the right to data protection, which is a fundamental right in the EU, and allows people to have trust when granting access to their personal data.
Most notably, these include consent, easier access, right to data portability and a clarified right to be forgotten.
With regards to the...