Digitalisation & Data Protection
One of the areas in recent years, where the EU has become increasingly more active is data protection, where a number of new regulations, headlined by the General Data Protection Regulation (GDPR), have been adopted. The EU’s competence is derived from Article 8 of the European Charter of Fundamental Rights, which stipulates that everyone has the right to the protection of personal data concerning them.
In May 2018, the GDPR entered into force. The main goals are to strengthen the fundamental rights of individuals in the digital age, to clarify rules for companies and public bodies, and to do away with the fragmentation of different national systems and the administrative burdens that result from it.
Further regulatory efforts include the new EU Copyright Directive, an effort to strengthen the position of content producers vis-à-vis tech companies. The Commission has also proposed an ePrivacy Regulation, that aims to modernise the Privacy and Electronic Communications Direcive 2002 and keep up with the fast pace at which IT-based services are developing. The EU also intends to introduce a Cybersecurity package, that creates a mechanism for setting up European cybersecurity certification schemes for specific ICT processes, products and services.