When is privacy not something to keep quiet about? New EU privacy rules are on the way

Technology advancements have fundamentally altered how organizations collect, use and manage data. In light of this, in 2012 the European Commission embarked on a process to both update, simplify and bolster privacy regulations, and allow EU residents to resume control over their personal data. The culmination of these efforts is the General Data Protection Regulation (GDPR).

Released in 2016, and due to come into effect 25 May 2018, the GDPR is an omnibus data protection law that builds upon and expands the Data Protection Directive 95/46/EC (the Directive). It will ultimately replace the Directive to become the single regulation for data privacy protection.

The GDPR applies to any organization, regardless of geographic location, that controls or processes the data of an EU resident.

Read our latest report to find out what GDPR will mean for businesses.

EY Law Services Data Privacy contacts:



Fabrice Naftalski – Global Data Privacy Leader




Monika Menz – Senior Manager, IP/IT Data Privacy