Literaturhinweis : New European General Data Protection Regulation – A Practitioner‘s Guide, Ensuring Compliant Corporate Practice : aus der RDV 2/2018, Seite 121 bis 122
Daniel Rücker/Tobias Kugler (Hrsg.), New European General Data Protection Regulation – A Practitioner‘s Guide, Ensuring Compliant Corporate Practice, C. H. Beck, München, 2018, 290 S., 150,– €
To unify data protection law in Europe and to improve the protection of fundamental rights, the new European General Data Protection Regulation (“GDPR”) introduces uniform data protection legislation that will apply directly in all European Member States from 25 May 2018. The GDPR will also serve as a binding legal framework for countless companies outside the EU that do business in the Union.
This handbook clearly and concisely addresses the legal pitfalls and compliance requirements resulting from the GDPR and explains in detail the new situation under the law. It was written to fully embrace the new European approach to data protection by focusing on the debate among legal professionals and on legal sources at European level. There is a wealth of expert legal commentary on national law, but the European debate, mandatory from 25 May 2018, still lacks comprehensive expert literature on the practical questions of data processing. Conceived as a guide for legal professionals in their day-to-day practice, this book is intended to help fill that gap using practical examples and scenarios to assist companies affected by the GDPR.
Giving comprehensive insight into the GDPR, this handbook starts with a chapter on the regulatory background (Development and importance of the data protection reform) and the essential material and personal scope of the GDPR (Scope of application of the GDPR). Subsequently, the consequences of a strictly European legal framework and rules for a consistent and uniform interpretation of the GDPR are presented in detail. Another key issue is the fundamental principles of lawful data processing under the GDPR for any company (Lawful processing of personal data in companies under the General Data Protection Regulation), including the newly introduced compatibility test. The chapter General conditions for data processing in companies under the GDPR deals with particular legal requirements to be implemented by companies. The legal assessment also addresses subjects such as the increased duties towards the data subjects and their rights, including the right to be forgotten, data portability as well as the question of group privileges and the issue of drastically increased administrative fines and damages. Finally, the chapter on Practical examples addresses inevitable aspects of data management such as cloud computing, outsourcing and data transfer to third countries outside the EU. This chapter also provides general guidance to any business for successfully exploring data as an asset. This includes direct marketing as well as (user) profiling and compliance issues in app development
(Schriftleitung)