Press Release

The Scope and Impact of the EU’s New Data Protection Regulation

The European Union’s new data regulation will take effect this Friday, May 25th. AAF’s Director of Technology and Innovation Policy Will Rinehart explains what is in the General Data Protection Regulation (GDPR) as well as how it will affect American companies and possibly impact the economy as a whole.

An excerpt:

The GDPR will have two kinds of impact, an indirect one and a direct one. The indirect impact comes from the GDPR’s influence on the development of other the legal systems in other countries. Transferring personal data out of the EU requires that the receiving countries have adequate levels of protection. Because the EU has 500 million people, smaller countries are adapting their regulatory standards to ensure companies in their borders have access to the European market. The effect is the exportation of EU privacy law elsewhere. Israel, New Zealand, South Africa, Argentina, Colombia, South Korea, and Bermuda have each taken up reforms to comply with the EU…. Thus, the direct impact for U.S. companies is that they may need to comply even if they don’t technically have European operations.

Click here to read the analysis.