Law.com Subscribers SAVE 30%

Call 855-808-4530 or email [email protected] to receive your discount on a new subscription.

CybersecurityCybersecurity Law & StrategyFeaturesGeneral Counsel and In House CounselInformation Governance and ComplianceInternational LawInternet LawLJN NewslettersRegulationTechnology Media and Telecom

GDPR Gets Real

By Jason Straight
July 01, 2017

After years of discussion, debate, lobbying and lamenting, we are now twelve months from the date the European Union's General Data Protection Regulation (GDPR) takes effect. The GDPR replaces the EU's Directive 95/46/EC, which has provided data protection guidance in the EU since 1995. The purported purpose for enacting the GDPR is to create regulatory consistency and certainty for companies operating in the EU with respect to their obligations to protect personal information for citizens of EU states. With a fining mechanism that allows penalties as high as 4% of global turnover (i.e., gross-revenue), any company that has yet to take a hard look at its obligations under the GDPR would be well-advised to do so before it's too late. Moreover, the breadth of the regulation will create compliance headaches for nearly every organization, large and small.

For U.S. companies, the degree of emphasis placed on protecting personal information can be hard to grasp. But as the GDPR explicitly states, protection of personal data is considered a “fundamental right” and further clarifies that “processing of personal data should be designed to serve mankind.” Regardless of your view on the sanctity of personal information, the reality is that if you conduct any business in the EU or sell any goods or service to citizens of EU states, your window for procrastination is rapidly closing. Fortunately, even if you are hearing about GDPR for the first time today, you do have time to get ready and be compliant on May 25, 2018. This article targets organizations that have been putting off compliance efforts and for which the GDPR will require a relatively modest adjustment in practices and procedures.

Read These Next
The DOJ's Corporate Enforcement Policy: One Year Later Image

The DOJ's Criminal Division issued three declinations since the issuance of the revised CEP a year ago. Review of these cases gives insight into DOJ's implementation of the new policy in practice.

The DOJ's New Parameters for Evaluating Corporate Compliance Programs Image

The parameters set forth in the DOJ's memorandum have implications not only for the government's evaluation of compliance programs in the context of criminal charging decisions, but also for how defense counsel structure their conference-room advocacy seeking declinations or lesser sanctions in both criminal and civil investigations.

Use of Deferred Prosecution Agreements In White Collar Investigations Image

This article discusses the practical and policy reasons for the use of DPAs and NPAs in white-collar criminal investigations, and considers the NDAA's new reporting provision and its relationship with other efforts to enhance transparency in DOJ decision-making.

Bankruptcy Sales: Finding a Diamond In the Rough Image

There is no efficient market for the sale of bankruptcy assets. Inefficient markets yield a transactional drag, potentially dampening the ability of debtors and trustees to maximize value for creditors. This article identifies ways in which investors may more easily discover bankruptcy asset sales.

A Lawyer's System for Active Reading Image

Active reading comprises many daily tasks lawyers engage in, including highlighting, annotating, note taking, comparing and searching texts. It demands more than flipping or turning pages.