NEWSLETTER-2017

The EU General Data Protection Regulation and Its Territorial Scope* Att. Eda Uludere Introduction In recent years, data protection has become one of the core topics of policy for many jurisdictions. Being one of the forerunners of this trend, the European Commission of the European Union (“EU”) put forward a proposal in 2012 for a comprehensive reform of data protec- tion rules to increase users’ control of their data and to cut costs for businesses; also known as the EU Data Protection Reform. By doing so, the European Commission aimed at facilitating the implementation of the Digital Single Market Strategy. After four years of preparation and many discussions that fol- lowed, the EU Parliament finally approved the General Data Protec- tion Regulation 1 (“GDPR”) on April 14th, 2016. Pursuant to Art. 99 of the GDPR, it shall enter into force on the twentieth day following that of its publication in the Official Journal of the EU, however apply from May 25th, 2018. Along with the GDPR, the EU has also approved the Directive (EU) 2016/680 2 on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and on the free movement of such data. The Directive enters into force on May 5th, 2016 and EU Member States shall transpose it into their national laws by May 6th, 2018. * Article of April 2017 1 For the full text, please see: http://eur-lex.europa.eu/legal-content/EN/TXT/?uri= uriserv:OJ.L_.2016.119.01.0001.01.ENG&toc=OJ:L:2016:119:TOC. 2 For the full text, please see: http://eur-lex.europa.eu/legal-content/EN/TXT/?uri =uriserv:OJ.L_.2016.119.01.0089.01.ENG&toc=OJ:L:2016:119:TOC.