The EU General Data Protection Regulation (the “GDPR”), was adopted on 25 May 2016. It repeals the current, less onerous, EU Data Protection Directive, and must be complied with by 25 May 2018. It has direct effect on all member states, so there is no requirement for national implementation laws. The Government has confirmed that the UK’s decision to leave the EU will not affect the commencement of the GDPR, although it remains to be seen whether implementation will continue post-Brexit.
The GDPR broadens the reach of current legislation, enhances the rights of the individual (the “data subject”) and introduces new rights. Click here to read more.