Background Image
Previous Page  7 / 176 Next Page
Information
Show Menu
Previous Page 7 / 176 Next Page
Page Background CHAPTER V CHAPTER IV CHAPTER III CHAPTER II CHAPTER I REGULATION Table of Contents

5

GDPR - Pocket Edition

INTRODUCTION

Alston & Bird is pleased to offer you this handy pocket version of the General Data

Protection Regulation (GDPR).

The privacy community has long awaited the adoption of the GDPR, which will

apply EU-wide as of May 25, 2018. As the countdown proceeds, the impacts the

GDPR will have on businesses are becoming evident. It is clear that the GDPR is

an unprecedented game-changer that will raise data privacy to the top of the

compliance agenda over the next few years.

As companies work to bring their processing operations into conformity with the

GDPR, they should keep in mind the intention of those within the EU that worked

so hard to pass the GDPR. The GDPR considerably enhances the privacy rights

of individuals, who will have more control over their data. While no processing

operation is immune to challenge, companies that focus on GDPR compliance early

on will be in a stronger position to address complaints and controversies.

The GDPR has a strong harmonizing potential. To date, companies have often

struggled to comply with the many, sometimes conflicting, obligations imposed

by local privacy regulation within the European Union. In many respects, the GDPR

should simplify multijurisdictional compliance. The GDPR also removes certain

burdensome, red-tape requirements that exist under current legislation, such as

notification and export permit obligations.

At the same time, the scope and details of some GDPR obligations are yet to be

defined and raise substantial uncertainty. Companies will also be subject to new

requirements, such as breach notification, prior consultation with supervisory

authorities and direct liability for processors. Furthermore, the possibility of very

high sanctions (up to 4% of a company’s global turnover [revenue]) will accentuate

business concerns, and may lead companies to take conservative interpretations of

GDPR requirements.

Clearly, timely action is called for. The GDPR will require companies to do more than

just update privacy notices and policies. Effective compliance will necessitate broad

and continuing stakeholder engagement as well as operational and system changes.

Alston & Bird’s privacy team is deeply engaged in GDPR (and other EU privacy

matters) on behalf of a number of clients. We are well-placed to do so with a full

team in Brussels and the United States.

–Alston & Bird Privacy and Security Team

1 2 3 4 5 6 7 8 9 10 11 12 13 176  FlippingBook