An ambitious project

Most legal practitioners are aware by now of the EU General Data Protection Regulation (GDPR) and the fact that it is due to come into force on 25 May 2018. It is well documented that the GDPR will bring about major changes to Irish and European data protection law by enhancing privacy rights of individuals and by imposing additional obligations on organisations that process personal data.

The GDPR is an ambitious legislative project, writes Dr John Cahir, a partner in the commercial and technology group at A&L Goodbody, and member of the Society’s Intellectual Property and Data Protection Law Committee. Not only does it update the rules on how personal data may be processed in the digitally connected world, it also seeks to bring about a culture change in terms of how businesses and public bodies treat personal data. As a consequence, many organisations are currently investing significant resources to ensure that they will be GDPR-ready by May.

Changing the game

It is not an exaggeration to say that most, if not all, solicitors will likely encounter the GDPR in the years ahead. Some solicitors will have individual clients who need advice on how to assert or enforce their privacy rights; others will have corporate or institutional clients that require advice on how to comply with the legislation. It is one of those rare changes in law that cuts across virtually every area of practice – from employment law to financial services law to medical law. The GDPR, Cahir suggests, could arguably be seen as the Donoghue v Stevenson of the digital age.

Writing in the Gazette, Cahir sets out the most important provisions of the GDPR for solicitors advising both data subjects and controllers.

• Read the full article in the Jan / Feb 2018 Gazette

Archive & subscribe

For current and past issues of the magazine, visit the online Gazette.

To have future issues delivered to your home or office, subscribe today.