How the GDPR Will Change the World

Time is running. On 24 May 2018 the General Data Protection Regulation of the EU (GDPR) will apply directly to processing activities of personal data which have a link to the European Union’s territory or market. From this day on a breach of its provisions will be punishable by a sanction of up to 4% of the yearly worldwide turnover in case of an enterprise or up to €100 million in all cases. All Data Protection Authorities (DPAs) will have to impose these sanctions and they will be equipped with a wide range of tasks and powers on top. Binding majority decisions by a newly created European Data Protection Board can force any Member States’ DPA to adopt, change or withdraw a certain measure. From 24 May 24 2018 the fragmented digital market of today and the lack of enforcement in the field of data protection provisions will end. There will be a unified and directly applicable data protection law for the European Union which replaces almost all of the existing Member States’ provisions and which will have to be applied by businesses, individuals, courts and authorities without transposition into national law.