Although the General Data Privacy Protection Regulation (GDPR) is a data privacy law implemented by the European Union, its impact extends across the world and affects many American organizations. This pioneering regulation is designed to safeguard its citizens’ personal data and privacy rights, which are approached as fundamental rights. Across the Atlantic, businesses in the United States are not presently domestically governed by a comprehensive federal privacy law; instead, they are subject to an increasing number of sectoral and state regulations. Yet, as trade between the EU and the US has continued to develop and expand since the advent of the internet, digital services and data are now key imports and exports. Today, the GDPR’s strict data protection standards apply to many US businesses, and regulators have shown through steep enforcement fines that failure to comply will not be tolerated. Practitioners conducting business in the EU or looking to enter the region will find this webinar a helpful resource to ensure that they can understand the GDPR and adjust their practices to comply with the regulation.

In this seminar, our privacy experts begin by introducing the GDPR, both its origins and its defining characteristics. Next, our speakers explain the difference between Data Controllers and Data Processors, clarifying the critical distinction between the two positions. The conversation then moves to discuss how the GDPR regulates data transfers, as well as the liability businesses face for non-compliance, citing some of the most notable recent examples. The panel also provides practitioners with key takeaways and risks for organizations to consider, as well as thoughts on the direction of where enforcement is headed in the future.

Topics covered in this webinar:   

1. Introduction to the General Data Protection Regulation (GDPR)

2. GDPR Obligations for the Data Controller and Processor

3. GDPR Data Transfers

4. GDPR Liability, Fines, and Class Actions

5. Key Takeaways and What Lies Ahead