You are here
The General Data Protection Regulation: a milestone in a long journey
As the GDPR entered into force on 25 May 2018, applying it in a uniform and balanced way at national level remains a key concern for AmCham EU.
The AmCham EU plenary event ‘GDPR: What is next?’ addressed this and other issues related to GDPR and data privacy.
Claudia Selli (Director Government Affairs, AT&T) moderated the panel discussion, which featured Christian D’Cunha (Head of Private Office of Giovanni Buttarelli, the European Data Protection Supervisor), Vivienne Artz (Chief Privacy Officer, Thomson Reuters) and Jeremy Rollison (Director of EU Government Affairs, Microsoft).
Speakers highlighted that in their compliance, companies need to be mindful that their actions reflect both the obligations under GDPR and their target markets. Conflict of laws issues (eg in case of cybersecurity and anti-fraud activities) as well as getting all customers on board will continue to challenge businesses.
Going forward, the alignment between the GDPR and possible e-Privacy rules proposed by the Commission in January 2017 remains a major concern for AmCham EU members. Meanwhile, uncertainty persists over instruments for international data transfers, given on-going legal challenges which include standard contractual clauses.
As keynote speaker of the event, Wojtek Talko, Member of the Cabinet of Commissioner Vera Jourová, delivered a positive message. He said that the GDPR transformed the culture of business: data protection and privacy are more important than ever before. The European Data Protection Board will have a key role in ensuring harmonisation by addressing cross-border questions. In this regard, he highlighted that the national Data Protection Authorities are starting to think in a pan-European way and the Commission has continuously encouraged the Article 29 Working Party to develop dialogue with stakeholders. The Commission is monitoring national legislation and continues to raise awareness in view of a structured report to be published in 2020, which will be a crucial moment to examine the outcomes of this regulation.
Throughout the discussions, member companies reiterated the urgent need to avoid a ‘black-out’ and find a balanced solution for ensuring GDPR compliance of the ICANN WHOIS database which suits both privacy and security needs. The WHOIS database is essential for companies to address abusive online activities.