Next Year Businesses Face A Global Paradigm Shift with the EU Data Protection Regulation

Next Year Businesses Face A Global Paradigm Shift with the EU Data Protection Regulation

Every organization in the European Union, that even has as little personal information from data subjects as that within its human resources department, will have to get up to speed with the new de facto global data privacy Regulation that will take effect from May 2018.

The new EU Regulation, unlike a Directive, requires no further legislation from Member states and will become effective law across Europe next year. It aims to make data privacy a very important priority for businesses not just across Europe so there is a uniform internal market, but it goes further across the whole world. Any organization that trades with Europe will also be caught by its auspices and will have to appoint a representative within the European Union.

While generally law reform tends to be incremental, that isn’t the case with new paradigm shift of the EU Data Protection Regulation. It is massive change in one large dose that everyone will have to get up to speed on and comply with by May of 2018.

It won’t just be internet businesses, but any organization is the EU that keeps data record of personal information, and the Regulation’s scope is wide enough to capture non-EU businesses that either sell goods or services to EU residents or monitor their behaviour. The new EU Regulation tries to establish a new global level playing field by exporting its data protection regulation to all corners of the world that want to do business with the largest trading bloc in the world, the EU.

Data intensive businesses like financial services, marketing, forex, travel, banking, insurance, shipping and human resources will have to do a lot of ground work to prepare for the revolutionary changes being brought in by the Regulation across Europe and the world.

There will even be repercussions for algorithmic profiling and artificial intelligence operations as data subjects can resist automatic decisions being made for them without human supervision.

A cyber security breach was until now just bad publicity, but from next year with mountainous administrative fines at the level of the higher of 4% of global turnover (not profits) or Euro 20 million, it could cost your business its survival. It time to prepare for the global data protection legal paradigm shift, because ignorance of the new EU Regulation will be no excuse.

The fear of bankruptcy from a cyber security breach should motivate European and global businesses to quickly get up to speed with the EU General Data Protection Regulation.

EIMF is offering a seminar on 11th and 12th of July, with title EU General Data Protection Regulation Workshop. If you are interested, please click here for more details about the seminar.


By Dr. Nick Skrekas

International Lawyer and Economist

Seminar Speaker at the European Institute of Management and Finance