New guidance proposed on the extra-territorial scope of the GDPR

The agency responsible for administering the General Data Protection Regulation (GDPR) recently proposed guidelines to clarify the extra-territorial scope of Europe’s sweeping new privacy law.

  • While these guidelines are not yet finalized, they indicate that the reach of the GDPR spreads far beyond the European Union.
  • American businesses that had concluded that they were likely exempt from the GDPR based on previous interpretations should review the new guidelines to confirm that they are not subject to the GDPR’s requirements.
  • This need to double check the applicability is especially important given the likelihood of increased enforcement under the GDPR in 2019 and the potential for steep fines.

Learn more.

Back to top