Cybersecurity Law Report
Alex van der Wolk authored an article for Cybersecurity Law Report discussing how the GDPR can impact a company’s innovation at the research and development stage, potentially limiting them when datasets consist of personal information.
“It will be clear that companies that want to engage in research initiatives in the EU will need to work their way through a myriad of assessments and requirements,” Alex said. “The inability of the GDPR to provide for a clear and workable way forward for companies undertaking research projects does not seem to be on par with the EU’s objectives of fostering innovation as part of the EU’s Digital Single Market strategy. The varying degree of requirements at a national level combined with the strong requirements toward (explicit) consent, pseudonymization, and anonymization make it challenging for companies to navigate their research projects into GDPR compliance whilst making full use of their research potential. The result may well be that companies will be drawn to countries outside the EU where their projects do not face similar restrictions.”
Read the full article.