May 23, 2016 Articles

EU's General Data Protection Regulation: Sweeping Changes Coming to European and U.S. Companies

The new measure is a response to developments in data collection and the explosion in security breaches.

By Jonathan Millard and Tyler Newby

In December 2015 the European Commission published a General Data Protection Regulation (GDPR) to replace the Data Protection Directive, which currently regulates the collection and use of personal data within the European Union (EU). The Data Protection Directive was enacted more than 20 years ago and was in dire need of updating to keep pace with developments in data collection and sharing practices, as well as the explosion of data security breaches. The GDPR will likely come into force in 2018, but its wide-ranging implications necessitate immediate attention from the business community not only in the EU but also on the global stage.

The key features of GDPR are summarized below.

Premium Content For:
  • Litigation Section
Join - Now