General Data Protection Regulation (GDPR)


4 out of 5

This European Union regulation would mandate all organizations implement personal security protections at an unprecedented scale - especially in an age where data collection is so often synonymous with national security. Among its many protections, the GDRP broadens the definition of personal data and expands the need for user consent to collect that data. The responsibility to protect data must be done by someone in that organization designated as the Data Protection Officer. The bill includes extremely heavy fines for noncompliance.


The ambitious reach of this policy will certainly send a signal to many countries about the direction and importance of personal data. The EU could set a powerful precedent on consumer privacy with this bill's enactment.


The unfunded mandates put on businesses to fully comply with this policy could make it unworkable, and overly ambitious to the point of being counter productive.

  • International,
  • Mass Surveillance,
  • Privacy