Understanding the changes in the EU Data Protection: a look at the Big Picture.

The date of May 2018 for compliance with Data protection is only one component of a comprehensive, ambitious and global European Digital Single Market agenda which will change the sector considerably. With a budget of €415 billion funding approved in 2015, compliance alone is just one aspect.

Between 2015 and 2020 we are experiencing a real fundamental change in the digital environment and its future pushed ahead by the EU. Most of the Digital Single Market agenda’s 16 actions have been initiated, are in development or have been completed (see EU Parliament Legislative train). The actions’ preferred legal form has changed in Regulations, a promising step towards the harmonization of 27 heterogeneous national environments, facing homogeneous challenges.

The ePrivacy Regulation will come into force soon after GDPR. These two being closely linked, the effective functioning of the GDPR Regulation will be affected by result of the dialogue between EP, EU Commission, EU Council on the latest ePrivacy Regulation version, i.e on the agreement on “privacy by default” (such as in the privacy settings of terminal equipment and software).

Further in 2019 the sector will be solicited further by the Cybersecurity Package which will build on both GDPR and ePrivacy regulations, presenting new initiatives to further improve EU cyber resilience and response in three key areas: a) Building EU resilience to cyber-attacks and stepping up the EU’s cybersecurity capacity, including correct implementation of NIS (common level of security of network and information systems across the Union); b) Creating an effective criminal law response; c) Strengthening global stability through international cooperation.

Increasing numbers of companies and organizations eagerly endorse these changes as an opportunity to position themselves in a harmonized and facilitated exchange within and outside the EU.

Rachele Gianfranchi