GDPR (General Data Protection Regulation)

EU GDPR (General Data Protection Regulation) is a far-reaching privacy regulation in the European Union. It covers personal information and activities taking place within the European Union even when the party processing the personal information is not in the EU. GDPR is a law established at the European Union level and comes with hefty penalties. It is automatically in force in all EU countries and will start being enforced on May 25, 2018.

The definition of personal information in the legislation is extremely broad. It basically covers any information that has been or can be associated with a particular natural person.

These links provide the text of the General Data Protection Regulation, as well as commentary on the regulation by the data protection offices of various EU countries. The commentary may help interpret the regulations.

EU Data Protection Directive (DPD)

The new regulation largely supersedes the older Data Protection Directive. For reference, the old regulation is provided here.

European Court of Justice decisions around GDPR

The European Court of Justice has already made several decisions that are important for interpreting the regulation. Decisions on IP addresses and cybersecurity as a valid justification for processing them are important for many organizations.

Resources for marketing professionals

The regulation is particularly sweeping with respect to Internet marketing and marketing analytics. These references provide guidance for marketing professionals.

Guidance from law offices, associations, and consultants

Various law offices have written about the regulation and provide guidance for its interpretation and interpretation. These law offices are probably good candidates to talk to when needing assistance. However, this should not be read as any kind of endorsement.

Press and vendor articles about GDPR

Various press articles also provide useful guidance and information. Here are some of the more relevant.

Disclaimer

The references herein are for information only and should not be seen as endorsements. Nothing herein is intended as legal advise and we recommend consulting a competent attorney to interpret the regulation in the unique circumstances of each organization.