Given the GDPR’s dramatically expanded territorial reach, increased suite of individual rights and potential for hefty penalties, U.S. multinationals must prepare now to ensure compliance.
On May 25, 2018, the General Data Protection Regulation (GDPR) goes into effect in the EU, bringing with it a series of consequences for U.S. multinationals that fail to comply. The GDPR aims to provide protection for natural persons with regard to the processing and movement of their personal data. It has an extraterritorial scope that allows it to reach U.S. companies who may not even be aware they are subject to its provisions. Additionally, the GDPR levies two tiers of fines. Noncompliance with the most stringent requirements results in fines totaling the greater amount of 4 percent of global annual revenue or €20 million ($23.58 million) and noncompliance with other provisions results in fines totaling the greater amount of 2 percent of global annual revenue or €10 million ($11.79 million).
Given the GDPR’s dramatically expanded territorial reach, increased suite of individual rights and potential for hefty penalties, U.S. multinationals must prepare now to ensure compliance.
About Duane Morris
Duane Morris recently kicked off a webinar series to help U.S. businesses take the necessary steps to comply with the GDPR once it becomes effective. The first webinar provided a “boot camp” overview of the steps U.S. multinationals need to take immediately to be compliant. Following the opening webinar, we will present our “6 for 6: Countdown to GDPR” series laying out six key considerations that U.S. multinationals need to focus on over the six remaining months until implementation of the GDPR.
Upcoming webinars include:
- The Requirements of Data Mapping for U.S. Businesses (December 19, 2017)
- Individual Consent Requirements and Document/Agreement Updates (January 9, 2018)
- The Risks of Not Having a Data Protection Officer (January 30, 2018)
- What You Need to Know About Data Subject Rights (February 21, 2018)
- Data Breaches: Protecting Your Company and Reporting Requirements (March 13, 2018)
- One Month to GDPR Enforcement: Final Preparations and Review (April 10, 2018)
To register for the webinars, or watch a replay of the “Six Months Before GDPR” boot camp, visit the Duane Morris website.
For Further Information
If you have any questions about this Alert, please contact Sandra A. Jeskie, John M. Neclerio, one of the attorneys in our Privacy and Data Protection Group or the attorney in the firm with whom you are regularly in contact.
Disclaimer: This Alert has been prepared and published for informational purposes only and is not offered, nor should be construed, as legal advice. For more information, please see the firm's full disclaimer.