New EU GDPR regulation expected to be approved in early 2016

Apr 5, 2016 18:25 GMT

The moment when the European General Data Protection Regulation (EGDPR) comes into effect is getting closer, and most of us need some help in order to understand the EU's upcoming data reform legislation.

Back in January 2012, the European Parliament started its plan to change the legal framework employed for the protection of EU citizens' data.

Over the past four years, EU representatives from various countries have been debating the text of a new EU law, adding and removing amendments, until they eventually agreed upon it on December 15, 2015, and planned to formally adopt it in early 2016.

Called the European General Data Protection Regulation, this new law will replace a 21-year-old EU directive and, due to its "regulation" status, will automatically apply to all EU members and to companies that do business in its territories.

Put simply, the EGDPR will provide the same data protection rules across all countries in the EU, regulating details such as the user data that companies are allowed to collect, how they store it, how they safeguard it against data breaches, who is responsible in case a breach happens, and the sanctions that follow.

While this might look like another piece of useless legislation, in theory, the EGDPR should deter companies from relaxing when it comes to data storage security and privacy-intrusive policies.

With companies facing fines of 4% of their global annual turnover and up to €20 million, the EGDPR is the best law that the EU could have come up with to force companies to acknowledge the importance of data breaches and take the appropriate prevention measures.

The infographic below is courtesy of Barricade, a security vendor that provides full-stack security services.

EU GDPR Compliance, Visually Explained