European Parliament Gives Final OK to General Data Protection Regulation

    May 11, 2016

    The European Parliament on April 14 announced that it gave final approval to the General Data Protection Regulation (GDPR), the last step in a four-year process to update the 1995 EU Data Protection Directive. The GDPR is intended to simplify and harmonize rules for companies in the Digital Single Market by bringing about stronger EU-wide harmonization of privacy and data security rules and enforcement.

    The provisions include citizens’:

    • Right to be forgotten
    • Need to give "clear and affirmative consent" for processing their private data
    • Right to transfer their data to another service provider
    • Right to know when their data has been hacked
    • Assurance that privacy policies are explained in clear and understandable language
    • Assurance of stronger enforcement and fines up to 4% of a company’s total worldwide annual turnover, as a deterrent to breaking the rules

    “The general data protection regulation makes a high, uniform level of data protection throughout the EU a reality,” said Jan Philipp Albrecht, vice chair of the Civil Liberties, Justice and Home Affairs Committee. “The regulation will also create clarity for businesses by establishing a single law across the EU.”

    The final text of the regulation was published May 4 in the EU Official Journal. It will apply across the EU on May 25, 2018, following a two-year transition period for member states to transpose the provisions of the directive into national law.

    The online Global Policy Brief is intended to help you stay current on international news and events. Further information about the issue is accessed by clicking on the link provided at the end of each summary.

    Want to sign up to receive an email version of the Global Policy Brief? It's free! Just tell us a little about yourself and you'll receive a monthly dose of the latest in legislation, regulation, and more.

    © 2017, ARMA International