With initial approval in the European Parliament civil liberties committee (the so-called LIBE Committee), the EU is moving ahead with overhauling its existing 15-year-old Data Protection Directive, replacing it with the General Data Protection Regulation (GDPR). The European Commission introduced the draft GDPR in January 2012 and seeks to harmonize regulations across the 28 member-states, replacing varying national laws with a single, consistent regulation on data handling and individual rights.

This new regime could fundamentally change the privacy and data transfer practices of every large company operating in Europe or offering goods or services to data subjects in Europe, the flows of data within financial services and other firms, and the business practices underlying internet products, cloud computing, or social networks offered to European consumers.
Continue Reading