When the EU legislation on data protection was put in place in 1995, the internet looked very different. While previously most data was stored on private or corporate computers, today much of our personal data is in the cloud, under the control of a third party platform or service providers, who are mostly based in Silicon Valley. Though social networks are certainly useful to stay in touch with friends and share information, storing personal data here also risks being used in ways that can have an economic and reputational impact.
In response to this, the European commission has decided to pass the GDPR (General Data Protection Regulation). This new law intends to strengthen and unify data protection for individuals within the European Union (EU) while also addressing export of personal data outside the EU.