The GDPR turns two

On 25 May 2020, the General Data Protection Regulation (GDPR) celebrated its second year of ushering in Europe's strengthened framework of data protection rules.

The Vice-President for Values and Transparency and the Commissioner for Justice of the European Commission have issued a Joint Statement in which they state that “Within two years, these rules have shaped the way we deal with our personal data in Europe and has also become a reference point at global level on privacy… In the context of the coronavirus pandemic, now, more than ever, citizens must be sure that their personal data are well protected. In this respect, the GDPR and EU privacy rules play a vital role. The GDPR ensures that citizens have more control over their personal data and sets at the same time a framework for trustworthy innovation. GDPR is a cornerstone of the European digital transition.”

The GDPR is informed in its interpretation and application by an important body of work in the form of guidance and opinions issued by the European Data Protection Board (EDPB) and its predecessor the Article 29 Working Party.

In celebration of the GDPR’s second birthday, we will be publishing a series of posts discussing and outlining the key elements of the core guidance issued by the EDPB.

The Joint Statement can be found here.

A comprehensive list of guidance issued or endorsed by the EDPB since the introduction of the GDPR can be found here.