The General Data Protection Regulation (GDPR) is an upcoming European Union (EU) law that will have multi-jurisdictional enforcement power over the personal data of all EU citizens. One of the objectives of the GDPR is to make data protection and the free movement of one’s personal data a fundamental right. The GDPR will go into effect in May of 2018, taking the place of the EU’s Data Protection Directive.
So why should an EU data privacy law matter to American businesses? The aforementioned multi-jurisdictional reach of the GDPR means US companies processing the data of EU residents will be subject to the GDPR. Most importantly, any firm found to violate the GDPR will subject to a fine of either four percent of total global revenue or $23.5 million (whichever amount is determined to be greater).
Since this new EU data privacy measure has yet to go into effect, the best thing to do is for professionals in the information technology field to gather their knowledge and understanding around this impending data privacy regulation. The best way to do this is by joining the EU GDPR Institute in an upcoming training session on Monday, September 25, 2017, in the San Francisco Bay Area.
More details on this upcoming training can be found here.