Buckley, Gerard; Caulfield, Tristan; Becker, Ingolf; (2024) How might the GDPR evolve? A question of politics, pace and punishment. Computer Law & Security Review , 54 , Article 106033. 10.1016/j.clsr.2024.106033.

Preview

Text Becker_1-s2.0-S0267364924000992-main.pdf Download (727kB) | Preview

Abstract

The digital age has made personal data more valuable and less private. This paper explores the future of the European Union’s General Data Protection Regulation (GDPR) by imagining a range of challenging scenarios and how it might handle them. We analyse United States’, Chinese and European approaches (self-regulation, state control, arms-length regulators) and identify four key drivers shaping the future regulatory landscape: econopolitics, enforcement capacity, societal trust, and speed of technological development. These scenarios lead us to envision six resultant versions of GDPR, ranging from laxer protection than now to models empowering individuals and regulators. While our analysis suggests a minor update to the status quo GDPR is the most likely outcome, we argue a more robust implementation is necessary. This would entail meaningful penalties for non-compliance, harmonised enforcement, a positive case to counter the regulation-stifles-innovation narrative, defence of cross-border data rights, and proactive guidelines to address emerging technologies. Strengthening the GDPR’s effectiveness is crucial to ensure the digital age empowers individuals, not just information technology corporations and governments.

Download activity - last month

Export as CSVJSONXML

Download activity - last 12 months

Export as JSONXMLCSV

Downloads by country - last 12 months

Export as JSONXMLCSV

Archive Staff Only

View Item