On 25 May 2018 GDPR, general regulation on the protection of personal data, a new regulation from the European Commission, will come into effect. It will unify the legal protection of personal data across Europe. What will change for businesses?

Radio Zet talked to Vojtěch Chloupek, Partner, Bird & Bird law firm who said he did not think that everything would turn upside down as the law comes into effect – this is a wide-spread myth. According to him, GDPR is largely based on what has been anchored in the Czech law for the past 20 years. Besides sanctions, a part of the regulation that has been in the centre of media attention, the new regulation will change the approach to personal data protection and how companies processing personal data have to handle the data.

A key change according to V.Chloupek is a new approach to the accountability principle. This means that any entity processing personal data should at any time and in any case be able to demonstrate that it complies with the GDPR regulation. So, when an authority comes to investigate a specific issue, it will be up to the entity, not the authority, to prove that everything in the area of data protection is in accordance with the law. The burden of proof newly lies on the entity processing personal data.  

Read full article by Radio Zet in Czech and listen to the interview here.

Access German example - Act to Adapt Data Protection Law to EU's GDPR Regulation.

Read more details in a summary from AmCham CZ event Presentations on GDPR: Revolution or Ecolution? held in September 2017.