PDF iconDownload This Paper
Open PDF in Browser
Add Paper to My Library
Permalink
Using these links will ensure access to this page indefinitely
Copy URL
Copy DOI

The European Union General Data Protection Regulation: What It Is And What It Means

UC Berkeley Public Law Research Paper

35 Pages Posted: 16 Oct 2018 Last revised: 15 Feb 2019

See all articles by Chris Jay Hoofnagle

Chris Jay Hoofnagle

University of California, Berkeley - School of Law; University of California, Berkeley - School of Information

Bart van der Sloot

Tilburg University - Tilburg Institute for Law, Technology, and Society (TILT)

Frederik Zuiderveen Borgesius

iHub, Radboud University, Nijmegen

Date Written: September 24, 2018

Abstract

This paper introduces the strategic approach to regulating personal data and the normative foundations of the European Union’s General Data Protection Regulation (“GDPR”). The article is written for lawyers and academics from in- and outside the EU, whether privacy specialists or not. We explain the genesis of the GDPR, which is best understood as an extension and refinement of existing requirements imposed by the 1995 Data Protection Directive; describe the GDPR’s approach and provisions; and make predictions about the GDPR’s short and medium-term implications. We also highlight where the GDPR takes a different approach than U.S. privacy law. The GDPR is the most consequential regulatory development in information policy in a generation. The GDPR brings personal data into a detailed regulatory regime, not unlike an intellectual property regime, that will influence personal data usage worldwide. Understood properly, the GDPR encourages firms to develop information governance frameworks, to in-house data use, and to keep humans in the loop in decision making. Companies with direct relationships with consumers have strategic advantages under the GDPR, compared to third party advertising firms on the internet. To reach these objectives, the GDPR uses big sticks, structural elements that make proving violations easier, but only a few carrots. The GDPR will complicate and restrain some information-intensive business models. But the GDPR will also enable approaches previously impossible under less-protective approaches.

Keywords: Privacy, Data Protection, EU, European Union, General Data Protection Regulation, GDPR, Information Privacy, Consumer Privacy

JEL Classification: K12, K00, D10, D11, D20, D30, D40, D60, D70, L00, L11, L20, L51

Suggested Citation

Hoofnagle, Chris Jay and van der Sloot, Bart and Zuiderveen Borgesius, Frederik, The European Union General Data Protection Regulation: What It Is And What It Means (September 24, 2018). UC Berkeley Public Law Research Paper, Available at SSRN: https://ssrn.com/abstract=3254511 or http://dx.doi.org/10.2139/ssrn.3254511

Chris Jay Hoofnagle

University of California, Berkeley - School of Law ( email )

341 Berkeley Law Building
Berkeley, CA 94720-7200
United States
‭(510) 666-3783‬ (Phone)

HOME PAGE: http://hoofnagle.berkeley.edu

University of California, Berkeley - School of Information ( email )

212 South Hall
Berkeley, CA 94720-4600
United States
510-643-0213 (Phone)

HOME PAGE: http://hoofnagle.berkeley.edu

Bart Van der Sloot

Tilburg University - Tilburg Institute for Law, Technology, and Society (TILT) ( email )

P.O.Box 90153
Prof. Cobbenhagenlaan 221
Tilburg, 5037
Netherlands

Frederik Zuiderveen Borgesius (Contact Author)

iHub, Radboud University, Nijmegen ( email )

Nijmegen
Netherlands

PDF iconDownload This Paper
Open PDF in Browser

Do you have negative results from your research you’d like to share?

Submit Negative Results

Paper statistics

Downloads
2,052
Abstract Views
10,983
Rank
13,573
11 Citations
35 References
PlumX Metrics

Related eJournals

  • University of California, Berkeley School of Law, Public Law & Legal Theory Research Paper Series

    Follow

    University of California, Berkeley School of Law, Public Law & Legal Theory Research Paper Series

    Subscribe to this free journal for more curated articles on this topic

    FOLLOWERS
    4,213
    PAPERS
    979
    This Journal is curated by:
    Kathryn R. Abrams at University of California, Berkeley - School of Law

  • Cyberspace Law eJournal

    Follow

    Cyberspace Law eJournal

    Subscribe to this fee journal for more curated articles on this topic

    FOLLOWERS
    2,023
    PAPERS
    12,620
    This Journal is curated by:
    Peter Swire at Georgia Institute of Technology - Scheller College of Business, Jonathan L. Zittrain at Harvard Law School and Harvard Kennedy School of Government, Kalie Mayberry at Harvard University - Harvard Law School

  • Information Systems Legislation & Regulations eJournal

    Follow

    Information Systems Legislation & Regulations eJournal

    Subscribe to this fee journal for more curated articles on this topic

    FOLLOWERS
    1,868
    PAPERS
    5,903

  • Law & Society: Public Law - Constitutional Law eJournal

    Follow

    Law & Society: Public Law - Constitutional Law eJournal

    Subscribe to this fee journal for more curated articles on this topic

    FOLLOWERS
    979
    PAPERS
    24,805
    This Journal is curated by:
    Steve Sanders at Indiana University Maurer School of Law

  • European Public Law: EU eJournal

    Follow

    European Public Law: EU eJournal

    Subscribe to this fee journal for more curated articles on this topic

    FOLLOWERS
    950
    PAPERS
    14,514
    This Journal is curated by:
    Paul B. Stephan at University of Virginia School of Law, A.U. (André) Janssen at Radboud University Nijmegen - Faculty of Law

  • Information Privacy Law eJournal

    Follow

    Information Privacy Law eJournal

    Subscribe to this fee journal for more curated articles on this topic

    FOLLOWERS
    447
    PAPERS
    7,927
    This Journal is curated by:
    Daniel J. Solove at George Washington University Law School, Chris Jay Hoofnagle at University of California, Berkeley - School of Law

  • Consumer Law eJournal

    Follow

    Consumer Law eJournal

    Subscribe to this fee journal for more curated articles on this topic

    FOLLOWERS
    392
    PAPERS
    9,390
    This Journal is curated by:
    Jeff Sovern at University of Maryland Francis King Carey School of Law

  • Innovation Law & Policy eJournal

    Follow

    Innovation Law & Policy eJournal

    Subscribe to this fee journal for more curated articles on this topic

    FOLLOWERS
    263
    PAPERS
    28,842

  • Cybersecurity, Privacy, & Networks eJournal

    Follow

    Cybersecurity, Privacy, & Networks eJournal

    Subscribe to this fee journal for more curated articles on this topic

    FOLLOWERS
    263
    PAPERS
    3,950

  • Cybersecurity & Data Privacy Law & Policy eJournal

    Follow

    Cybersecurity & Data Privacy Law & Policy eJournal

    Subscribe to this fee journal for more curated articles on this topic

    FOLLOWERS
    209
    PAPERS
    6,669
    This Journal is curated by:
    Brian Ray at College of Law, Cleveland State University

  • Legal Anthropology: Laws & Constitutions eJournal

    Follow

    Legal Anthropology: Laws & Constitutions eJournal

    Subscribe to this fee journal for more curated articles on this topic

    FOLLOWERS
    203
    PAPERS
    14,837

  • Decision-Making in Public Policy & the Social Good eJournal

    Follow

    Decision-Making in Public Policy & the Social Good eJournal

    Subscribe to this fee journal for more curated articles on this topic

    FOLLOWERS
    119
    PAPERS
    4,483

  • Communication Law & Policy eJournal

    Follow

    Communication Law & Policy eJournal

    Subscribe to this fee journal for more curated articles on this topic

    FOLLOWERS
    72
    PAPERS
    1,715