General Data Protection Regulation

The General Data Protection Regulation (Regulation (EU) 2016/679, abbreviated GDPR) is a European Union regulation on Information privacy in the European Union (EU) and the European Economic Area (EEA). The GDPR is an important component of EU privacy law and human rights law, in particular Article 8(1) of the Charter of Fundamental Rights of the European Union. It also governs the transfer of personal data outside the EU and EEA. The GDPR's goals are to enhance individuals' control and rights over their personal information and to simplify the regulations for international business. It supersedes the Data Protection Directive 95/46/EC and, among other things, simplifies the terminology. The European Parliament and Council of the European Union adopted the GDPR on 14 April 2016, to became effective on 25 May 2018. Because the GDPR is a regulation, rather than a European Union directive, it is directly binding and applicable, and it provides flexibility for individual member states to modify some provisions of the GDPR. The regulation became a model for many other laws around the world, including in Turkey, Mauritius, Chile, Japan, Brazil, South Korea, South Africa, Argentina and Kenya. , the United Kingdom enacted its own law identical to the GDPR despite no longer being an EU member state. The California Consumer Privacy Act (CCPA), adopted on 28 June 2018, has many similarities with the GDPR. The GDPR 2016 has eleven chapters, concerning general provisions, principles, rights of the data subject, duties of data controllers or processors, transfers of personal data to third countries, supervisory authorities, cooperation among member states, remedies, liability or penalties for breach of rights, and miscellaneous final provisions. Recital 4 proclaims that ‘processing of personal data should be designed to serve mankind’. The regulation applies if the data controller (an organisation that collects information about living people, whether they are in the EU or not), or processor (an organisation that processes data on behalf of a data controller like cloud service providers), or the data subject (person) is based in the EU.

About this result

This page is automatically generated and may contain information that is not correct, complete, up-to-date, or relevant to your search query. The same applies to every other page on this website. Please make sure to verify the information with EPFL's official sources.

Related publications (5)

Related people (2)

Related concepts (33)

Related courses (18)

Related lectures (152)

Related MOOCs (1)

HUM-414: Law and technology II

Ce cours présente le cadre légal applicable à certaines problématiques dans des domaines à caractère technique, tels que le droit de l'informatique, la biotechnologie, la protection des données, la di

CS-523: Advanced topics on privacy enhancing technologies

This advanced course will provide students with the knowledge to tackle the design of privacy-preserving ICT systems. Students will learn about existing technologies to prect privacy, and how to evalu

EE-552: Media security

This course provides attendees with theoretical and practical issues in media security. In addition to lectures by the professor, the course includes laboratory sessions, a mini-project, and a mid-ter

Information sensitivity

Information sensitivity is the control of access to information or knowledge that might result in loss of an advantage or level of security if disclosed to others. Loss, misuse, modification, or unauthorized access to sensitive information can adversely affect the privacy or welfare of an individual, trade secrets of a business or even the security and international relations of a nation depending on the level of sensitivity and nature of the information. This refers to information that is already a matter of public record or knowledge.

Privacy

Privacy (UK, US) is the ability of an individual or group to seclude themselves or information about themselves, and thereby express themselves selectively. The domain of privacy partially overlaps with security, which can include the concepts of appropriate use and protection of information. Privacy may also take the form of bodily integrity. There have been many different conceptions of privacy throughout history. Most cultures recognize the right of an individual to withhold aspects of their personal lives from public record.

Privacy law

Privacy law is the body of law that deals with the regulating, storing, and using of personally identifiable information, personal healthcare information, and financial information of individuals, which can be collected by governments, public or private organisations, or other individuals. It also applies in the commercial sector to things like trade secrets and the liability that directors, officers, and employees have when handing sensitive information.

Humanitarian Action in the Digital Age

The first MOOC about responsible use of technology for humanitarians. Learn about technology and identify risks and opportunities when designing digital solutions.

Analyzing and processing data that are siloed and dispersed among multiple distrustful stakeholders is difficult and can even become impossible when the data are sensitive or confidential. Current dat

EPFL2021

The connection of a DG unit to a weak power system is challenging due to stability issues resulted from dynamic interactions between the DG unit and the grid. LCL-based DG unit is a particularly chall

Institute of Electrical and Electronics Engineers2017

Reliability Analysis of Data Storage Systems

Vinodh Venkatesan

Modern data storage systems are extremely large and consist of several tens or hundreds of nodes. In such systems, node failures are daily events, and safeguarding data from them poses a serious desig

EPFL2012

Explores privacy protection legislation, including GDPR interpretation and upcoming Swiss data protection regulations.

Explores Swiss legal framework on data protection, privacy, cybercrimes, and the role of the Federal Data Protection Commissioner.

Explains the roles in the LPD, such as Data Controller and Data Processor.