General Data Protection Regulation: Difference between revisions
Dustin Loup (talk | contribs) m added Category:Regulation (EU) using HotCat |
Dustin Loup (talk | contribs) No edit summary |
||
Line 1: | Line 1: | ||
The '''Global Data Protection Regulation (GDPR)''' or '''Regulation (EU) 2016/679'''<ref>[http://eur-lex.europa.eu/eli/reg/2016/679/oj Regulation (EU) 2016/679 of the European Parliament and of the Council] 27 April 2016</ref> is a regulation designed to modernize and harmonize the data protection laws across the European Union (EU), giving citizens and residents of the EU more control of their data and providing a more consistent regulatory framework for businesses.<ref>[https://www.infolawgroup.com/2016/05/articles/gdpr/gdpr-getting-ready-for-the-new-eu-general-data-protection-regulation/ GDPR: Getting Ready for the New EU General Data Protection Regulation] Accessed on 8 February 2018</ref> This new EU data protection framework will replace the | The '''Global Data Protection Regulation (GDPR)''' or '''Regulation (EU) 2016/679'''<ref>[http://eur-lex.europa.eu/eli/reg/2016/679/oj Regulation (EU) 2016/679 of the European Parliament and of the Council] 27 April 2016</ref> is a regulation designed to modernize and harmonize the data protection laws across the European Union (EU), giving citizens and residents of the EU more control of their data and providing a more consistent regulatory framework for businesses.<ref>[https://www.infolawgroup.com/2016/05/articles/gdpr/gdpr-getting-ready-for-the-new-eu-general-data-protection-regulation/ GDPR: Getting Ready for the New EU General Data Protection Regulation] Accessed on 8 February 2018</ref> This new EU data protection framework will replace the Data Protection Directive, or '''Directive 95/46/EC''' of 1995. Enforcement for the GDPR goes into effect on 25 May 2018.<ref>[http://ec.europa.eu/justice/data-protection/reform/index_en.htm Reform of EU data protection rules]. Retrieved 27 Jun 2017. | ||
</ref> | </ref> | ||
[[File:GDPRTimeline.png|border|300px|right]] | [[File:GDPRTimeline.png|border|300px|right]] | ||
Line 5: | Line 5: | ||
With the update on existing legislation, the GDPR is more precise and inclusive of what constitutes private information than its predecessor. Personal data, that is anything that can identify a user, including an [[IP Address|IP address]] is included, as well as 'sensitive personal data' which may include genetic and biomedical data. | With the update on existing legislation, the GDPR is more precise and inclusive of what constitutes private information than its predecessor. Personal data, that is anything that can identify a user, including an [[IP Address|IP address]] is included, as well as 'sensitive personal data' which may include genetic and biomedical data. | ||
==Applicability and Scope== | |||
Under the Data Protection Directive of 1995 only applied to companies with legal establishment in an EU country or uses equipment located in the country to process the data. The GDPR expands the territorial reach to include controllers or processors outside of the EU for data processing activities relating to the offering of goods or services to individuals in the EU or to the monitoring of their behavior.<ref>[https://www.wileyrein.com/newsroom-newsletters-item-May_2017_PIF-The_GDPRs_Reach-Material_and_Territorial_Scope_Under_Articles_2_and_3.html The GDPR's Reach: Material and Territorial Scope Under Articles 2 and 3]</ref> | |||
==GDPR and WHOIS== | ==GDPR and WHOIS== | ||
The GDPR directly impacts the domain name space, most notability the [[WHOIS]] service. Prior to the GDPR enforcement date, [[ICANN]]'s contracted parties ([[Registry|Registries]] and [[Registrar]]s) expressed concern about their about to comply with their contractual requirement and be GDPR compliant. In light of this concern and the uncertainty around the implications of GDPR on WHOIS, ICANN announced that it would defer action against registries and registrars for noncompliance related to registration data.<ref>[https://www.icann.org/resources/pages/contractual-compliance-statement-2017-11-02-en ICANN Contractual Compliance Statement] Accessed 2 February 2018</ref> | The GDPR directly impacts the domain name space, most notability the [[WHOIS]] service. Prior to the GDPR enforcement date, [[ICANN]]'s contracted parties ([[Registry|Registries]] and [[Registrar]]s) expressed concern about their about to comply with their contractual requirement and be GDPR compliant. In light of this concern and the uncertainty around the implications of GDPR on WHOIS, ICANN announced that it would defer action against registries and registrars for noncompliance related to registration data.<ref>[https://www.icann.org/resources/pages/contractual-compliance-statement-2017-11-02-en ICANN Contractual Compliance Statement] Accessed 2 February 2018</ref> | ||
== References == | == References == | ||
[[Category:Data Protection]] | [[Category:Data Protection]] | ||
[[Category:Regulation]] | [[Category:Regulation]] | ||
[[Category:Regulation (EU)]] | [[Category:Regulation (EU)]] |
Revision as of 20:45, 8 February 2018
The Global Data Protection Regulation (GDPR) or Regulation (EU) 2016/679[1] is a regulation designed to modernize and harmonize the data protection laws across the European Union (EU), giving citizens and residents of the EU more control of their data and providing a more consistent regulatory framework for businesses.[2] This new EU data protection framework will replace the Data Protection Directive, or Directive 95/46/EC of 1995. Enforcement for the GDPR goes into effect on 25 May 2018.[3]
The GDPR places specific legal obligations on 'controllers' and 'processors', those who acts as intermediaries between the user/consumer and themselves, the government or any other actor. The controller determines how and why data is processed and processors act on the controller's behalf. Processors maintain data records and are held responsible in case of a breach.
With the update on existing legislation, the GDPR is more precise and inclusive of what constitutes private information than its predecessor. Personal data, that is anything that can identify a user, including an IP address is included, as well as 'sensitive personal data' which may include genetic and biomedical data.
Applicability and Scope edit
Under the Data Protection Directive of 1995 only applied to companies with legal establishment in an EU country or uses equipment located in the country to process the data. The GDPR expands the territorial reach to include controllers or processors outside of the EU for data processing activities relating to the offering of goods or services to individuals in the EU or to the monitoring of their behavior.[4]
GDPR and WHOIS edit
The GDPR directly impacts the domain name space, most notability the WHOIS service. Prior to the GDPR enforcement date, ICANN's contracted parties (Registries and Registrars) expressed concern about their about to comply with their contractual requirement and be GDPR compliant. In light of this concern and the uncertainty around the implications of GDPR on WHOIS, ICANN announced that it would defer action against registries and registrars for noncompliance related to registration data.[5]
References edit
- ↑ Regulation (EU) 2016/679 of the European Parliament and of the Council 27 April 2016
- ↑ GDPR: Getting Ready for the New EU General Data Protection Regulation Accessed on 8 February 2018
- ↑ Reform of EU data protection rules. Retrieved 27 Jun 2017.
- ↑ The GDPR's Reach: Material and Territorial Scope Under Articles 2 and 3
- ↑ ICANN Contractual Compliance Statement Accessed 2 February 2018