Eight months after its implementation date, GDPR is driving a sea change in data protection practices, including review of user interfaces, tightening of vendor agreements and appointment of thousands of data protection officers. More than just a European legal reform, GDPR has cross border effects from the U.S. to Brazil to Japan, including implications for foreign relations and trade policy. In this session, one of Europe’s central data protection commissioners discusses first lessons from the GDPR rollout with the Head of the International Data Flows and Data Protection Unit at the European Commission. What is working and what isn’t with GDPR? What are some of the unexpected implications of the legal reform?
• Is the new law fit for the socio-technological challenges ahead or is it obsolete out of the gate?
• How are new enforcement and compliance mechanisms, including one stop shop and the EDPB working in practice?
• How will policymakers react to disruptive changes, including Brexit and legal challenges to data transfer mechanisms?
• How does data protection interact with competition policy?