The GDPR, or the General Data Protection Regulation, is a new set of regulations put forward by the European Commission. This will replace the previous Data Protection Directive from 1995.
The European Commission wants to give back control of personal data to consumers and also unify data protection regulations across the EU. These new regulations will be enforced in May 2018.
The GDPR will be enforced by the Information Commissioners Office (ICO), who can take action against any company or governmental body that fails to adhere from May 2018. Businesses could face considerably higher fines than the previous directive of up to €23 Million, or 4% of their global annual turnover if they don’t meet the GDPR after the deadline.