The first year of the General Data Protection Regulation ("GDPR") is over. Although early noises predicted an entirely new data protection regime, the European legal framework did not change substantially, the major changes being an expansion of the territorial scope to non-EU countries and stronger powers of enforcement. In spite of fears and rumours of immediate enforcement and huge fines, most regulators focused on helping companies achieve compliance, or they enforced without directly imposing fines.
At the start of the second year of the GDPR , the ‘regulatory warm-up phase’ seems finished. At the same time, the GDPR is becoming the world wide game-changer in the protection of personal data.
This visual gives an overview of the main GDPR developments in the first full year. In a connected white paper, more extended information is given, with particular attention for regulatory enforcement and what may be expected in the future.
Click on the visual to enlarge
With special thanks to Jurriaan van Mil, Joe Jay de Haas, Kim Raad and Cyril Fischer for their invaluable contributions.