Welcome to GDPR Today – your online hub for staying tuned to the (real) life of EU data protection law. As you know, every two months we publish statistics showing how the GDPR is being applied across Europe. We also share relevant news, from legal guidelines and decisions to data breaches, new codes of conduct, important business developments, and – of course – memes.

This edition brings you data from ten national data protection authorities on the implementation of the GDPR. Although this is a smaller number than we would have liked, it is encouraging to be able to report that nearly one year on since the GDPR came into force, complaints and data breaches continue to be notified with regularity. Check out our “GDPR in Numbers” section to see how the law is being used in practice.

The last couple of months have seen a flurry of GDPR activity, at both national and EU institutional level. Authorities in Germany, the Netherlands and Spain have issued strong statements, interpretations and rulings challenging how personal data is used by online platforms and political parties and calling for increased privacy protections. The European Data Protection Board and Supervisor have both issued reports which showcase how GDPR is being applied at EU level. Only just this week, European Commissioner Věra Jourová made a forthright conference speech extolling the benefits that the GDPR is bringing to businesses and citizens, both within the EU and globally.

Not all is positive progress. It is disappointing that the European Commission has still not yet taken action to ensure that Romania properly implements the GDPR. There are also several countries which have yet to publish any GDPR data. These gaps in transparency and enforcement dangerously undermine the consistent application of the GDPR across all EU Member States.

We all have a role to play in making data protection a reality. Here at GDPR Today, we will continue monitoring and reporting on these efforts, and we look forward to seeing continuing improvement by businesses, States and international institutions.


Amy Shepherd, Open Rights Group



The content and data presented in this edition was provided by:

Access Now

Association for Technology and Internet

Bits of Freedom

Data Skydd

Homo Digitalis


Open Rights Group

Panoptykon Foundation

Privacy International