Since 25 May 2018 the General Data Protection Regulation 2016/679 (GDPR) has applied, representing a significant overhaul of data protection law in the European Union. Although it was drafted and passed by the European Union, the GDPR imposes obligations onto organisations anywhere, so long as they collect or target data relating to people in the EU. It is one of the toughest privacy and security laws in the world and harsh fines are levied against those who violate its privacy and security standards.

This commentary provides a detailed examination of the individual articles of the GDPR and is an essential resource aimed at helping legal practitioners prepare for compliance. The second edition includes guidelines on the interpretation of the GDPR published by the European Data Protection Board as well as new case law by the Court of Justice of the European Union. This revised and updated edition includes:
•a general introduction to data protection law;
•full text of the GDPR’s articles and recitals;
•article-by-article commentary explaining the individual provisions and elements of each article.

In addition to lawyers and in-house counsel, this book is also suitable for law professors and students, and offers comprehensive coverage of this increasingly important area of data protection legislation.