This book brings together leading academics working on data protection law in the EU to analyse the most notable developments, and the most significant changes, which have occurred during the first 5 years of the GDPR.

The book includes contributions analysing the efficacy of the Regulation’s consent-based model, the struggle to regulate AdTech using the provisions of the GDPR, the controversy surrounding US-EU data sharing and the interaction of the Regulation with EU Fundamental Rights and other secondary laws regulating data.

The book is unique in setting out to record a period of rapid development – and significant challenge – for EU law through its examination of these episodes in the life of the Regulation in a single text. Each chapter examines the changes introduced by the GDPR, analyses the effect of the Regulation in practice, and maps what the next 5 years holds for one of the world’s most influential data privacy laws. The lineup of the editorial and author team reflects the pioneering role of female academics in data protection and GDPR discourse.

In highlighting the controversies and conflicts which the Regulation has faced in its first 5 years, the book illuminates the significance of the GDPR’s introduction in advancing our thinking about the function, form, and future of data protection law, and outlines those matters that remain to be resolved as the GDPR moves towards its first decade in force.