New EU data laws intend to build on the GDPR

The EU legislative mission on data did not finish with the GDPR. Tom Cooper reports on the new measures.

The European Union (EU) is serving up an acronym soup with a slew of new legislation joining, or soon to join, the EU General Data Protection Regulation (GDPR) on the statute books.

“All these instruments are part of a wider European agenda which is targeting the responsibilities of tech companies,” Karolina Mojzesowicz, Deputy Head, Data Protection Unit, European Commission, said at PL&B’s 36th Annual International Conference in July, as she outlined the new and upcoming legislation.

The GDPR remains the overarching law controlling the processing of personal data in the bloc. The new laws do not, for example, introduce any new legal basis for processing personal data. There are, however, a small number of additional restrictions on processing that apply to large online service providers (the so-called very large online platforms or VLOPs) under the Digital Services Act (DSA). But the responsibility for policing the processing of personal data remains fully with Data Protection Authorities.

Continue Reading

International Report subscribers, please login to access the full article


If you wish to subscribe, please see our subscription information.