Skip to content

The EU General Data Protection Regulation

After over four years of discussion, the new EU data protection framework was adopted on 8 April 2016. It takes the form of a Regulation – the General Data Protection Regulation (GDPR).

When the EU General Data Protection Regulation (GDPR) was finally agreed in April 2016, it seemed a long time until it would apply. Many companies are finding that there was a lot (for some, too much) to do. 

The GDPR took effect across all Member States from 25 May 2018, replacing the 1995 EU Data Protection Directive. The GDPR is an ambitious piece of legislation which took over four years to agree. One of the key aims was to create a harmonised approach to data protection across the EU, with bolstered rights for individuals in this age of rapid technological advances.

The GDPR sets a high standard for personal data protection throughout the EU, imposes a raft of new (sometimes onerous) obligations on those handling the data, and also provides for a much more punitive enforcement regime.

For our detailed GDPR guide, please click here.

GDPR Podcast

Key lessons to learn from recent data protection enforcement actions

GDPR podcast - Data protection post-Brexit: What to expect and how to prepare

Related links

A&O Digital Hub

Focusing on the latest digital trends and risks and developments in the field of data protection, privacy, information and cyber law.

Read more

Data protection post-brexit

Data protection post-brexit: What to expect and how to prepare.

Read more

GDPR for Litigators

The EU GDPR has become ubiquitous. Less understood is what GDPR means for disputes and contentious regulatory/enforcement matters.

Read more

Related brochures