The European Union’s landmark law for protecting European citizens’ data privacy still lacks specifics a year after taking effect. Questions linger over how companies should handle data access requests from individuals; the extent to which GDPR obligations extend to companies outside the EU; and when and how companies should be penalized for not complying with the new regulations. Of counsel in Morrison & Foerster’s Privacy & Data Security practice Alja Poler de Zwart is quoted.
If you would like to read this report, please note that a subscription is required.