Home / Insight / GDPR

GDPR

The EU General Data Protection Regulation came into force on 25 May 2018 and introduced some of the most strict data protection laws in the world. The CMS data protection team offers clients legal advice on all aspects of the GDPR and aims to help you understand where to focus your GDPR compliance efforts.

Please select one of the jurisdictions from the list below to find out more about GDPR in your country.

Data Law Nav­ig­at­or
Use the Data Law Nav­ig­at­or for a quick look at data pro­tec­tion laws in...
CMS Breach As­sist­ant app
A head start dur­ing the first crit­ic­al hours of a data breach
GDPR En­force­ment Track­er Re­port
The GDPR En­force­ment Track­er Re­port aims to provide you with valu­able in­sights...

Feed

Show only
26 April 2021
CMS Ex­pert Guide to the im­pact of GDPR in non-EU coun­tries
The European Uni­on's Gen­er­al Data Pro­tec­tion Reg­u­la­tion (“GDPR“) is an in­ter­est­ing piece of le­gis­la­tion for sev­er­al reas­ons but es­pe­cially due to its ap­plic­a­tion to busi­nesses not con­nec­ted to the...
05 March 2021
CMS Ex­pert Guide: Data Law Nav­ig­at­or
Data provides a whole range of op­por­tun­it­ies but also in­cludes new and unique risks for com­pan­ies, gov­ern­ments and in­di­vidu­als. From sec­tor-spe­cif­ic nu­ances to loc­al derog­a­tions from the EU GDPR, sim­ul­tan­eously...
Comparable
17 July 2020
Schrems strikes again: EU-US Pri­vacy Shield in­val­id; Stand­ard Con­trac­tu­al...
A clash between US na­tion­al sur­veil­lance law and EU data pro­tec­tion stand­ards, which lies at the heart of Case C-311/18, Data Pro­tec­tion Com­mis­sion­er v Face­book Ire­land and Max­i­mil­lian Schrems (“Schrems...
14 July 2020
The Chan­ging Face of Cy­ber Claims
At the in­vit­a­tion of glob­al ex­perts in in­sur­ance brok­ing and risk man­age­ment, Marsh, and IT con­sult­ants, Wave­stone, CMS has con­trib­uted to The Chan­ging Face of Cy­ber Claims study which looks at prac­tic­al...
10 June 2020
DI­FC Data Pro­tec­tion Law
In­tro­duc­tion Fol­low­ing a series of con­sulta­tions, the Dubai In­ter­na­tion­al Fin­an­cial Centre (DI­FC) has is­sued Data Pro­tec­tion Law No.5 of 2020 (DPL), which in­creases pri­vacy com­pli­ance re­quire­ments for...
12 May 2020
Loc­a­tion apps in the time of COV­ID-19
Con­tact tra­cing and loc­a­tion data-based ap­plic­a­tions have re­cently be­come the sub­ject of the heated de­bates in view of their wide­spread use in the fight against the COV­ID-19 pan­dem­ic. In re­sponse to...
April 2020
Data ac­cord­ing to Private Law
Al­though data rep­res­ents the corner­stone of the new eco­nomy and pos­sesses sig­ni­fic­ant eco­nom­ic value as a cru­cial com­pon­ent of com­pan­ies (to­geth­er with hu­man, ma­ter­i­al and fin­an­cial re­sources), the study...
12 March 2020
“High-risk AI”: a European ap­proach to ex­cel­lence and trust
On 19 Feb­ru­ary 2020, the European Com­mis­sion (the “Com­mis­sion”) pub­lished a White Pa­per en­titled ‘On Ar­ti­fi­cial In­tel­li­gence - A European ap­proach to ex­cel­lence’. Build­ing upon the European strategy...
11 March 2020
China pub­lishes new spe­cific­a­tion on per­son­al data se­cur­ity
On 7 March 2020, China pub­lished an up­dated ver­sion of the “In­form­a­tion se­cur­ity tech­no­logy – Per­son­al in­form­a­tion se­cur­ity spe­cific­a­tion” (“New Spe­cific­a­tion”), which will take ef­fect on 1...
05 March 2020
Coronavir­us and the GDPR – pri­vacy ad­vice for com­pan­ies
When in­tro­du­cing meas­ures for em­ploy­ees, vis­it­ors and con­tract­ors to re­spond to the coronavir­us threat, com­pan­ies must choose pro­ced­ures that min­im­ise both the risk of in­fec­tion and pri­vacy non-com­pli­ance...
18 February 2020
‘Les­sons learnt’ from the Maastricht Uni­versity cy­ber at­tack
On 23 Decem­ber 2019, Maastricht Uni­versity found it­self the vic­tim of a sig­ni­fic­ant cy­ber at­tack, which res­ul­ted in cy­ber crim­in­als tak­ing some of its data host­age. A man­age­ment sum­mary of what happened...
17 February 2020
Opin­ion on stand­ard con­trac­tu­al clauses: more a com­pli­ance head­ache than...
A re­cent non-bind­ing Opin­ion of the Ad­voc­ate Gen­er­al has sig­nalled that the stand­ard con­trac­tu­al clauses can con­tin­ue to be used as a safe­guard for trans­fer­ring per­son­al data out­side the EEA. However...