The Regulation stipulates that infringements of “the basic principles for processing, including conditions for consent” are subject to the highest possible administrative fines – up to €20,000,000 or 4% of global annual turnover, whichever is greater. If any detail can get the attention of the people who need to understand this, it is likely that potential fines of that scale will do the job.

The GDPR lays down a set of data processing principles to guide how organisations manage personal data. The principles can be seen as an overview of your most important duties in complying with the Regulation, and anyone reading the Regulation should keep them in mind when interpreting other requirements.

The first six ...

Get EU General Data Protection Regulation (GDPR) – An implementation and compliance guide, fourth edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.