It has been over a year since the General Data Protection Regulation (GDPR) came into force – and it did so with great fanfare. The
Continue Reading 2 Intent-to-Fine Notices in 2 Days by UK Information Commissioner for GDPR Violations; Amounts Total £282 Million

Written by Luke Dixon

Recent news on both sides of the Atlantic has included considerable commentary on the issues of data privacy and international data flows. With an important vote on the issue due to take place in the EU Parliament next month, now seems like a good time to bring readers up to date with progress on the proposed draft General Data Protection Regulation (the “Regulation”). This legislation (once adopted by the EU) will provide the superstructure to its approach to the challenges of data privacy in the 21st Century.

The European Commission published its reform proposals for EU data protection law in January 2012. These reforms are intended to replace the current Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data (the “Data Protection Directive” or the “Directive”).

The reforms are chiefly embodied in a draft Regulation which is currently making its way through the EU’s legislative process (albeit not at a breakneck pace). The Regulation is aimed at harmonizing the data protection procedures and enforcement across the whole EU. This should provide a “one-stop shop” for non-EU companies who want to understand their compliance obligations. Under the current Directive, the EU Member States have more scope for interpretation in their national laws, and their implementation of EU law has been more uneven. This note highlights some of the key changes to the present regime that will be introduced if the draft Regulation is adopted in its current form.
Continue Reading The Draft EU Data Protection Regulation: Where are we now, and where are we going?