A year ago, we wrote about Europe’s General Data Protection Regulation, or GDPR. A year later, little has come to fruition as under-resourced European regulators are still struggling to comprehensively define their mission as they simultaneously attempt to pursue investigations they know will end up in front of the courts.
The General Data Protection Regulation (GDPR) was passed by the EU in 2016, establishing new rules for how companies manage and share consumer data. It was introduced to ensure that all data protection laws are applied uniformly throughout EU member countries. With GDPR, the definition of personal data has been expanded to include genetic, biometric (facial recognition and finger prints), location data, pseudonymized data, and online identifiers.