The European Union’s General Data Protection Regulation: How Will it Affect Non-EU Enterprises?

By: Manu J. Sebastian

Introduction: In a world where technology is ever changing and personal data is being processed and saved at every turn, corporations must be held accountable for the data they collect, store, and use. The consumer truly does not understand the levels of data capture and retention that corporations employ, and the European Union’s (“EU”) government is on a mission to ensure that its citizens are protected because it believes personal data protection is a fundamental right that all people should enjoy. The EU created the General Data Protection Regulation (“GDPR”) in an attempt to protect data without detrimentally inhibiting cross-border data flow.

The GDPR is in its final stages of adoption and corporations around the world are working to preemptively establish controls within their internal structures in order to be compliant. These new changes will protect personal data on a level that has never before been seen, but it will come at a great cost to the consumer. The data that is being protected moves far beyond identification numbers and medical data. The GDPR seeks to protect names, phone numbers, addresses, economical data, cultural identity, racial origin, social identity, profiling data, and online identifiers such as IP address and location data, on top of the normal protections of health data and biological samples. The regulation is based on the notion that every single person has the right to have his personal data protected and it protects all people in the EU. These new changes make us ask a very important question: How exactly will Non-EU enterprises be affected?

Click here to read the full article.