Five Years of GDPR: A Review

The General Data Protection Regulation is the most recognizable and comprehensive data protection law that came into effect on 25 May 2018. The passage of the GDPR propelled data privacy into prominence at the world stage. Many countries’ data protection laws have been modeled after the GDPR at the national and subnational level (Brazil – LGPD, Canada – PIPEDA, Nigeria – NDPA, and California – CPRA). There has been increased awareness about individual privacy rights. There have also been big Fines and Penalties against companies in the social media and e-Commerce space for noncompliance with GDPR principles ( e.g., Facebook – 1.2 bn Euros and Amazon – 746 m euros). This article by our managing partner is a review of the impact of GDPR in the last five years and a snapshot of the future of data privacy and security.