GDPR Resource Centre

The far-reaching General Data Protection Regulation affects roughly two-thirds of the world’s business leaders.

The GDPR (2016/679), the European Union’s new privacy rule, went into effect on 25 May 2018. This sweeping regulation applies to all organisations within the EU—as well as those outside the EU if they offer goods or services to, or monitor the behavior of, individuals residing in the EU.

This sea-change regulation significantly changes how companies may collect and use the personal data of EU residents. And penalties for violating the GDPR are steep: up to the greater of 4% of a company’s global revenue or 20 million Euros (nearly $23.5 million).

Morgan Lewis is prepared to guide global companies and institutions through the challenges they face in this new regulatory environment. We assist clients in virtually all the major industries around the globe in understanding how these important changes will affect their businesses and how to navigate the changing data privacy landscape.

insight

Not All Businesses Are Treated the Same

outside publication

EU Data Protection: GDPR In Full Force and Now?, American Institute for Contemporary German Studies

lawflash

GDPR Litigation Begins on First Day

Publications

The eData Guide to GDPR: Not All Businesses Are Treated the Same (08/06/2018)

The eData Guide to GDPR: GDPR Obligations for Controllers and Processors Both Inside and Outside the EU (07/23/2018)

European Court of Justice Sheds Light on Who Is a ‘Data Controller’ Under GDPR, Tech & Sourcing @ Morgan Lewis (07/17/2018)

The eData Guide to GDPR: What is Sensitive Personal Data? (07/16/2018)

The eData Guide to GDPR: What Is Personal Data Under the GDPR? (07/09/2018)

The eData Guide to GDPR: Whose Data Is Protected Under the GDPR? (06/20/2018)

The eData Guide to GDPR: What Is the GDPR? (06/15/2018)

European Data Protection Board Provides Guidance for GDPR Compliance on Consents, Tech & Sourcing @ Morgan Lewis (06/07/2018)

Germany Enacts GDPR Implementation Law (06/06/2018)

GDPR Litigation Begins on First Day (06/01/2018)

Can we rely on consent for processing personal data if we offer incentives?, Thomson Reuters Practical Law ( May 2018)

The eData Guide to the GDPR: Series Overview (May 2018)

GDPR’s New Requirements: What Investment Managers, Funds, Banks, and Broker-Dealers Need to Know (04/17/2018)

Legislature Approves Data Access Outside of the US (CLOUD Act) (March 2018)

European Data Privacy: Beware and Prepare (02/08/2018)

GDPR Spells Trouble for Two-Thirds of Global Business Leaders, Tech & Sourcing @ Morgan Lewis (02/02/2018)

Cloud Security Alliance Releases Code of Conduct for GDPR Compliance, Tech & Sourcing @ Morgan Lewis (11/29/2017)

ICO Offers Guidance for Contracts under the GDPR, Tech & Sourcing @ Morgan Lewis (09/29/2017)

The New European Data Privacy Regime (07/21/2017)

Advertisers, Data Collection, and the GDPR, Tech & Sourcing @ Morgan Lewis (06/30/2017)

French Data Protection Authority Provides Guidance on Preparing for GDPR (03/28/2017)

How the General Data Protection Regulation Will Apply to and Affect the UK (03/22/2017)

How Will Leaving the EU Affect UK Data Privacy (March 2017)

EU Proposed ePrivacy Rules to Extend to all Electronic Communications Providers, Tech & Sourcing @ Morgan Lewis (01/11/2017)

Three States Join Others to Expand Personal Information Definition to Include Usernames or Email Addresses (January 3, 2017 (Updated January 4, 2017))

Events & Recordings

GDPR - Why it is Relevant to Your US Organization (05/09/2018)

2018 Annual Technology, Outsourcing & Commercial Contracts Networking Roundtable (04/26/2018)

What Do Technology Businesses Need to Know About the GDPR? (05/22/2017)

In the Media

05/31/2018 - What to Know About Complying with GDPR
Partner Tess Blair spoke with Law360 about several basic compliance steps that companies should take to comply with GDPR requirements.