European Data Protection: A Review of the New Regulatory Framework
Abstract
With less than two years to go until the implementation of the General Data Protection Regulation, in the next in a series of articles on data privacy, Claire Walsh and Liam Russell will guide you through the key elements of the new European regulatory framework. OVERVIEW OF THE GENERAL DATA PROTECTION REGULATION (GDPR) The new framework for European data protection regulation is contained in Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (the General Data Protection Regulation or GDPR). The GDPR recognises that the protection of individuals in relation to the processing of personal data is a fundamental right ; that the economic and social integration resulting from the functioning of the internal market has led to a substantial increase in cross-border flows of personal data ; that rapid technological developments and globalisation have meant that the scale of the collection and sharing of personal data has increased significantly ; and that a stronger and more coherent data protection framework is required, backed by strong enforcement, that is consistent across member countries. The GDPR repeals the existing European Union Directive on data protection in its entirety and will be directly effective in the member states of the European Union from 25 May 2018 without the need for implementing legislation.