This article is provided courtesy of Gideon Franklin Limited, a company with which Amidas Partners closely collaborates on cross-border M&A. The article is on the topic GDPR (General Data Protection Regulation) on the occasion of the first anniversary of this important new regulation. It impacts (1) any Japanese company with a subsidiary in Europe and (2) the due diligence process for M&A.
Described by The Economist in its World in 2018 publication as the “...the most complex piece of regulation the EU has ever produced...”, the implementation of the General Data Protection Regulation (GDPR) on 25 May 2018 was intended to provide individuals with increased transparency and control over how their personal data is used in the digital age.
The GDPR aimed to redress the privacy imbalances created by the rapid rise of the Internet, social media, online advertising, automated decision making and other exploitation of personal data made possible by rapid technological advancements.
For their part, such organisations were expected to overhaul their businesses to comply with the world’s strictest data protection laws and foster a “culture of privacy” throughout all aspects of their operations. Onerous financial and reputational sanctions could be imposed, should they fail to meet the necessary standards.
As the GDPR comes up to its first birthday on 25 May 2019, we look at the challenges which businesses face in complying with the new law, how it is being enforced and why businesses still need to take it seriously.
For the full article please click here.