Welcome to GDPR Today – your online hub for staying tuned to the (real) life of EU data protection law. As you know, every two months we will be publishing statistics showing how the GDPR is being applied across Europe. More often, we will be sharing relevant news, from legal guidelines and decisions to data breaches, new codes of conduct, important business developments, and memes.

This month, we are not only celebrating the eighth month of the entry into application of the GDPR but also International Data Protection Day! This day was created by the Council of Europe to mark and celebrate the day that the Council’s data protection convention – known as Convention 108 – was first opened to signature in 1981. Let’s wish a happy 38th birthday to the mother of all modern data protection laws. The text of the Convention was recently modernised and is now reopened for countries to sign – something that we wholeheartedly encourage governments all around the world to do.

Over the years, January 28th has become an important opportunity to celebrate data protection and to raise awareness and promote privacy and data protection best practices globally. It is no secret that the impact of the GDPR is felt well beyond the EU borders. In this edition of GDPR Today, you can read about the EU-Japan adequacy decision, the first (relatively) large GDPR fine imposed on Google, and the possible consequences of a “no-deal” Brexit for data transfers between the EU and the UK.

Bringing the matter closer to home, we are providing you data from nine national authorities on the implementation of the GDPR. The lucky numbers this month are 50 million (unless you are Google), 9700, and 12763. To put this data in context, read our “GDPR in numbers” section and see how the law is being used in practice.

We are starting 2019 with encouraging implementation numbers and the first strong signals from DPAs regarding their willingness to enforce the GDPR. This is absolutely crucial, as we know how the former Directive 95/46 was ignored by all sectors of the industry and for the most part people were unaware of it. Of course the road ahead is still long and it won’t be without challenges. We are still waiting for the EU to act on Romania’s dangerous attempt to abuse and misapply the GDPR. A few member states still don’t have national laws implementing the GDPR. The public’s awareness and understanding of the GDPR and data protection by design also needs to grow. These issues are just a start. We all have a role to play in making data protection a reality, and here at GDPR Today, we will continue monitoring and reporting on these efforts.

Happy reading and we hope you enjoy International Data Protection Day!

Estelle Masse from Access Now


The content and data presented in this edition was provided by:

Access Now

Association for Technology and Internet

Bits of Freedom

Data Skydd

Homo Digitalis

Open Society Foundations

Panoptykon Foundation