Coming off the heels of the EU Article 29 Working Party Opinion on the Privacy Shield, the EU Parliament passed the General Data Protection Regulation (GDPR) early April 15, which overhauls the union’s Data Protection Directive rules set forth in 1995. This regulation applies to all business and organizations targeting EU consumers, regardless of their geographic location.
Similarly, in a statement provided to Legaltech News, Francoise Gilbert, cybersecurity and privacy expert and partner at Greenberg Traurig, called the GDPR “a major change from the EU current data protection framework primarily because it attempts to create uniformity among the national laws currently in place.”
But Gilbert noted that “despite the promise of uniformity, there are actually numerous exceptions, and the opportunity for countries to have a different interpretation, or to have exceptions to certain provisions. In practice, this means that we will have to continue monitoring 31 different countries in order to provide advice on what is happening on a particular topic in the EU/EEA region.”