The European judiciary approved a new General Data Protection Regulation (GDPR) coming into force in May 2018. Joaquín Muñoz, IT&IP Lawyer at ONTIER Spain, explained that this regulation ‘’applies to every EU state’’. Furthermore it can also apply to companies outside the EU providing services to or handling the data of European citizens.
According to Joaquín Muñoz, this new regulation requires companies to develop data processing policies to reinforce security. Companies which already have implemented data processing policies ''will need to perform Privacy Impact Assessments (PIAs), monitoring procedures to detect and solve any possible risks.’’
Moreover, new EU regulation also broadens the scope of the 'right to be forgotten’’. The lawyer at ONTIER states that 'by this regulation the right to be forgotten applies to any service provider within the Internet, not just search engines. Any user can refer to a service provider to report any inaccurate or obsolete information'