The world we live in is changing in many ways, with the increasing use of technology playing a large part in this. Whilst many of these changes provide huge benefits, advances in technologies also generate a multitude of privacy issues. The potential for unauthorised use of personal data is ever increasing and in an attempt to control that, the EU data protection legal framework is undergoing significant changes.
Since the adoption of the EU Data Protection Directive (95/46/EC) in 1995, EU member states have implemented national data protection laws, resulting in a fragmented approach to data protection across the EU. In an attempt to harmonise these laws as well as introducing a far more stringent approach to data protection, in 2012 the European Commission published a draft regulation - the General Data Protection Regulation “GDPR”. This was published in the Official Journal of the European Union on 27 April 2016 and will come into force on 25th May 2018. As it is a Regulation it will have direct effect in all Member States from that date, without the need for further domestic laws to be implemented. Nonetheless, there are a number of areas within the Regulation where Member States are allowed to tailor national legislation, so whilst data protection law will be harmonised to an extent across the EU, some variation will remain.
The links below are intended to give further information relating to the GDPR, looking at the background to this new legislation, key changes that it brings, actions that all data controllers and processors should be taking and that individuals should be aware of, how we can help businesses and organisations prepare for and comply with the new Regulation, providing regular blog posts on various aspects of data protection and the GDPR and a News and Events section providing updates on the legislation, advice given by the ICO and other regulatory bodies as well as news of events and seminars which we are running.