EU General Data Protection Regulation a Step Closer

  • EU Data Protection Law Reform.
  • The General Data Protection Regulations (GDPR) to replace Data Protection Directive
  • GDPR expected to come in to force from 2018.
  • Increased Penalties & Requirements.

Original Author: Assent Risk Management

Original Links:


European Data Protection Law Reform

Reform of European Data Protection Laws came a step closer in December 2015 when final text for the General Data Protection Regulations (GDPR) was agreed.

The GDPR is intended to replace the Data Protection Directive which was incorporated in to UK Law as the Data Protection Act 1998.

The new European Regulations are expected to come in to force in 2018 and will unify Data Protection across the 28 member states, replacing domestic legislation enacted by individual member states to implement the original directive.

What’s New

It’s reported that the new General Data Protection Regulations will increase the penalties for companies who don’t comply to €20m or 4% of annual worldwide turnover for groups of companies, whichever is greater.

The requirements are also expected to focus on “Monitoring Behaviour” where companies, technology and services track users’ online activities. This will particualy affect cloud based services which makes for an interesting political situation with the America following the recent judgement that invalidated the SafeHarbour Agreement between the EU and USA.

A ‘Right to be Forgotten’ is also reported to form part of the regulations, a subject that has been widely debated in recent times.