General Data Protection Regulation (GDPR)
Approved by the EU parliament in April 2016, the General Data Protection Regulation will replace the Data Protection Directive, which currently regulates how personal data can be used.
The current directive was enacted before internet and Cloud tech became mainstream. Today, there are new (and unforeseen) ways of exploiting personal data: the GDPR seeks to address these threats by imposing tougher penalties for non-compliance and giving people greater control over what companies can do with their data.
The GDPR came into effect on 25 May 2018.