The EU General Data Protection Regulation

08 June 2016 Download PDF

The EU data protection landscape, having remained largely unchanged since 1995, is now on the brink of a radical transformation. After extensive negotiations, the GDPR was formally adopted on 4 May 2016 and is set to replace most EU data protection legislation, including the DPA in the UK.

 

Unlike the current Directive, the GDPR will be directly applicable in all EU Member States without the need for national legislation. It will apply from 25 May 2018.

The GDPR brings new concepts into the regulatory spotlight, including profiling and the right to be forgotten. It imposes extensive new obligations on businesses and transforms the role of the Data Processor. Rights for individuals are significantly strengthened and fines in respect of breaches are increased exponentially from £500,000 under the DPA, up to €20,000,000 or 4% of annual worldwide turnover under the GDPR.

This Brochure aims to explain the main differences between the Directive/DPA and the GDPR. We have used weather themed icons for categorising the changes, so that at a glance, you can see how this may affect your business.

Please see our Glossary on page 21 for an explanation of the defined terms and abbreviations that we have used in this Brochure.

If you would like more information on the GDPR or the DPA, please contact Ian Stevens, Emma Burnett, John Armstrong or Loretta Pugh.

 

Show more Show less

Back to top

Agency Database

Future Dates

* Estimated date

  • 1 november 2017

    Deadline for responses to FCA's consultation paper (CP17/29) on client money and unbreakable deposits.

  • 2 November 2017

    Deadline for responses to the EBA's discussion paper on FinTech.

  • 17 November 2017

    Deadline for responses to European Commission's consultation paper on 'post-trade in a Capital Markets Union: dismantling barriers and strategy for the future'.