Data protectionThe EU General Data Protection Regulation – Quo vadis?

Today, the Commission released a report evaluating the impact and implementation of the General Data Protection Regulation (GDPR) across Europe – one year after having come into force. It shows that the GDPR has achieved most of its objectives as most Member States have set up the necessary legal framework and the new system to enforce data protection rules is taking shape.

Further steps to strengthen these rules and to ensure their application include:

  • The Commission wants to guarantee an even GDPR compliance across the EU. In order to prevent any gold-plating it continues to monitor Member States with respect to their national law specifications. Greece, Portugal and Slovenia still need to follow suit in updating their data protection rules.

  • National data protection authorities are equipped with effective means to enforce data rules. Their cooperation within the European Data Protection Board will be strengthened to create an EU-wide data protection culture including cross-border efforts such as joint investigations.

  • The European model serves as a reference point for developments towards greater data protection on a global level. Thus, new opportunities for safe data flows between the EU and Third Countries arise. Also, the Commission seeks to promote adequacy dialogues, especially on law enforcement, and to explore the options for multilateral frameworks to exchange data with trust.

Věra Jourová, Commissioner for Justice, Consumers and Gender Equality, added: “The General Data Protection Regulation is bearing fruit. It equips Europeans with strong tools to address the challenges of digitalisation and puts them in control of their personal data. It gives businesses opportunities to make the most of the digital revolution, while ensuring people's trust in it. Beyond Europe, it opens up possibilities for digital diplomacy to promote data flows based on high standards between countries that share EU values. But work needs to continue for the new data protection regime to become fully operational and effective.”

Source: European Commission

More information