The GDPR is now in force and Kemp IT Law has put together several blogs and vlogs to assist businesses in being compliant with the new rules. A summary of these resources is below.
An extract from our IT law trends for 2018 blog:
GDPR will continue to be top of mind for many IT lawyers until 25 May 2018 when it enters into force and likely for a while thereafter. In the words of the Economist newspaper the GDPR ‘is “the most complex piece of legislation the EU has ever produced”’ and “will be one of the most important pieces of legislation brought into force in 2018”. As the Information Commissioner has said, ‘we’re all going to have to change how we think about data protection and, as everyone is finding out, you can’t just paper your way to GDPR readiness.
In addition to the rising bow wave of work in the first half of 2018, data-related legal work is likely to settle back at a significantly higher level than before. GDPR regulatory enforcement will gain traction after the summer holidays and we’re likely to see over the remainder of 2018 an outbreak of litigation and the continuing weaponization of data protection claims in the employment, B2B, and international contexts.
A potential curve ball to watch out for is the new ePrivacy Regulation – the source of the rules on cookies and the requirements for cookie policies. The EU published a draft regulation in January 2017 and it is still under discussion, but it looks like extending the current (2009) ePrivacy Directive significantly. Although the EU said in early 2017 that they want the new regulation to start at the same time as the GDPR, this is looking increasingly less likely, and it may be 2019 before it comes into effect.
Vlogs:
Right to be Forgotten under the GDPR and the new UK Data Protection Bill
Controller to Processor Transfers under the GDPR
GDPR for the professional services industry
Accountability and Transparency under the GDPR
Data Transfers to Non-EEA Countries under the GDPR
Presentations from recent events: