GDPR: Personal Data Protection in the European Union

European Monographs Series Set Volume 114

GDPR: Personal Data Protection in the European Union gives a detailed account of the legal and practical aspects of EU’s personal data protection law and presents the new solutions according to the new legal situation following its recent reform. Personal data protection has become one of the central issues in any understanding of the current world system. In this connection, the EU has created the most sophisticated regime currently in force with the General Data Protection Regulation (GDPR) (EU) 2016/679. This book offers a comprehensive discussion of key principles of personal data processing, obligations of data controllers, and rights of data subjects, providing a thorough, up-to-date account of the legal and practical aspects of personal data protection in the EU and expanding the scope in the context of electronic communication, including aspects such as digital marketing and cookies, under the ePrivacyDirective 2002/58/EC, which complements the GDPR.

What’s in this book:

Among the broad spectrum of aspects of the subject covered, it includes the recent judgment of the Court of Justice of the European Union (CJEU) on data transfers and new or updated data protection authorities’ guidelines in the EU Member States and the following:

–          right to privacy judgments of CJEU and the European Court of Human Rights;

–          scope of the GDPR and its key definitions, key principles of personal data processing;

–          legal bases for the processing of personal data;

–          direct and digital marketing, cookies, and online behavioural advertising;

–          processing of personal data of employees;

–          sensitive data and criminal records;

–          information obligation and privacy notices;

–          data subjects rights;

–          data controller, joint controllers, and processors;

–          data protection by design and by default, data security measures, risk-based approach, records of personal data processing activities, notification of a personal data breach to the supervisory authority and communication to the data subject, data protection impact assessment, codes of conduct and certification;

–          Data Protection Officer;

–          transfer of personal data to non-EU/EEA countries; and

–          privacy in the Internet and surveillance age.

How this will help you:

Referencing many rulings of European courts, as well as interpretations and guidelines formulated by European data protection authorities, this book will be of great practical value to lawyers, multinational corporations and their customers and contractors. As the global scale and evolution of information technologies have changed the data processing environment and brought in new challenges, and as many non-EU jurisdictions have adopted equivalent regimes or largely analogous regulations, this book will be an indispensable source of practical guidance and information to lawyers and business leaders for many years to come.