March 25, 2019

March 22, 2019

Subscribe to Latest Legal News and Analysis

EU Passes Sweeping New Privacy and Data Security Laws

European Parliament today voted into law a new General Data Protection Regulation (“GDPR”) that will replace the EU’s all-encompassing Data Protection Directive as of mid-2018.

Today’s vote brings to a close a legislative process that has lasted nearly five years; the law’s official publication, which should be forthcoming, will start the clock on a two-year transition period until the new rules take effect.

The GDPR was approved by the European Parliament today as part of a contentious package of laws that also includes a new Passenger Name Records (“PNR”) Directive, aimed at wider collection and sharing of traveler data for counter-terrorism and crime prevention purposes; and a Policing and Criminal Justice Data Protection Directive (“PCJ DPD”) that will regulate law enforcement agencies’ use of personally identifying information.

The Parliament’s approval of the PCJ DPD enshrines it into law, while the PNR Directive still requires, as a mere formality, approval by the Council of the EU.  Both laws are also scheduled to take effect in mid-2018.

© 2019 Covington & Burling LLP

TRENDING LEGAL ANALYSIS


About this Author

Philippe Bradley-Schmieg, Covington Burling, Data privacy and cybersecurity attorney
Associate

Philippe Bradley-Schmieg's practice covers a range of regulatory and commercial matters affecting the IT, internet media, e-health and telecoms sectors across the world.

Mr. Bradley-Schmieg advises on legislation, enforcement, advocacy and contracts relating to privacy, data protection, consumer protection, intermediary liability, copyright and databases, Big Data, medical confidentiality, cybersecurity, law enforcement data requests, and smart medical devices and apps.

44-20-7067-2282