Maciej Gawronski
Published: 2019-07-17
Total Pages: 302
Get eBook
To execute and guarantee the right to privacy and data protection within the European Union (EU), the EU found it necessary to establish a stable, consistent framework for personal data protection and to enforce it in a decisive manner. This book, the most comprehensive guide available to the General Data Protection Regulation (GDPR), is the first English edition, updated and expanded, of a bestselling book published in Poland in 2018 by a renowned technology lawyer, expert to the European Commission on cloud computing and to the Article 29 Working Party (now: the European Data Protection Board) on data transfers who in fact contributed ideas to the GDPR. The implications of major innovations of the new system – including the obligation of businesses to consult the GDPR first rather than relevant Member State legislation and the extension of the GDPR to companies located outside of the European Economic Area – are fully analysed for the benefit of lawyers and companies worldwide. Among the specific issues and topics covered are the following: insight into the tricky nature of the GDPR; rules relating to free movement of personal data; legal remedies, liability, administrative sanctions; how to prove compliance with GDPR; direct liability of subcontractors (sub-processors); managing incidents and reporting data breaches; information on when and under what conditions the GDPR rules may apply to non-EU parties; backups and encryption; how to assess risk and adjust security accordingly and document the process; guidelines of the European Data Protection Board; and the GDPR’s digest for obligated parties in a form of a draft data protection policy. The Guide often breaks down GDPR articles into checklists of specific requirements. Of special value are the numerous ready-to-adapt template compliance documents presented in Part II. Because the GDPR contains a set of new obligations and a perspective of severe administrative fines for non-compliance, this guide is an indispensable practical resource for corporate data protection officers, in-house counsel, lawyers in data protection practice, and e-commerce start-ups worldwide.