General data protection regulation

General Data Protection Regulation (or GDPR) in drafting state in 2013.

It includes a ‘right to be forgotten’, which would compel companies to permanently delete or hand over all data they hold on a person on request. It would also require web businesses to gain explicit consent from individual users to collect their information and use it for a particular purpose. This would create a real barrier for the invasive but profitable business strategy of online data collection and profiling of individuals. Moreover, it would give national regulators the ability to fine companies up to 2 percent of their annual sales for not complying.

Legislation

 * , Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (Text with EEA relevance).

External

 * LobbyPlag.eu, Top 10 EP members for less/more Data Privacy in Europe, last retrieved on 9 April 2018.


 * Yammer, A conversation on the proposed General Data Protection Regulation, started on 19 February 2013.


 * ElPais.com, EE UU presiona en la sombra para frenar la normativa de privacidad europea, published on 21 July 2013, last retrieved on 9 April 2018.