About | HeinOnline Law Journal Library | HeinOnline Law Journal Library | HeinOnline
LOG IN
LOG IN

114 AJIL Unbound 1 (2020)

handle is hein.journals/ajilunbo114 and id is 1 raw text is: doi:10.1017/aju.2019.82 INTRODUCTION TO THE SYMPOSIUM ON THE GDPR AND INTERNATIONAL LAW Grainne de Btrca* It is rare that a lengthy and detailed piece of legislation adopted in one jurisdiction becomes not only a law with powerful impact across multiple jurisdictions and continents, but also an acronym that trips readily off the tongue of laypeople and lawyers alike around the world. Yet this has been the fate of the European Union's General Data Protection Regulation, now commonly known as the GDPR, since its coming into force in 2018. Perhaps the Helms-Burton Act came somewhat close in its global impact when the United States adopted the extensive anti-Cuba sanctions regime in 1996. But Helms-Burton was a deliberately globally-targeted sanctions regime that sought to pressure foreign companies trading in or with Cuba into ceasing those activities, and it was adopted as an instrument of U.S. foreign policy. By comparison, the GDPR at first glance appears to be a domestically-focused piece of legislation intended to strengthen data protection and privacy standards within the EU, and to make Europe, in the terms used by the European Commission, fit for the digital age. Describing itself as a measure intended to harmonize data privacy laws across Europe's single market, the GDPR-which in principle requires no transposition on the part of EU member states in order to have immediate and binding legal effect within those states-applies to any organization operating within the EU or offering goods or services to customers or businesses in the EU. The legislation imposes a demanding set of regulatory standards on those who control or process personal data, in relation to the purposes, uses, handling, and storage of such data. Breaches of these standards can result in the imposition of hefty fines. While the overriding purpose of the reg- ulation may be the protection of personal privacy, the GDPR addresses multiple aspects of data governance that are relevant to businesses worldwide. The key to the way in which the GDPR goes far beyond being a domestic EU-focused legislative measure is in its application to any business or organization anywhere in the world that offers goods or services to persons within the EU, or that monitors the behavior of individuals in the EU. This has meant that the numerous and detailed regulatory standards imposed on companies and organizations-which include the need to obtain the affirmative consent of those whose data they gather or hold; the requirement to inform; the obligation to rectify and to erase data; and restrictions on transfers of data outside the EU-have a very extensive global reach indeed. As Anu Bradford has convincingly argued, at a time when the EU has emerged from a series of economic and political crises as a weakened international political actor, its global regulatory influence and power by comparison has, if anything, increased.' While some have welcomed the EU's digital leadership in setting strong data protection and privacy standards, others have been critical of the reach and implications of the GDPR, with the Heritage Foundation and others accusing the EU of digital imperialism.2 One evident consequence of the global impact of the GDPR is that many of its requirements are in tension with, if not directly in conflict with, other regimes and * Florence Elinwood Allen Professor of Law, New York Universiy. ANU BRADFORD, THE BRUSSELS EFFECT: HOW THE EUROPEAN UNION RULES THE WORLD (forthcoming 2020). 2 Theodore Bromund, The US. Must Draw a Line on the EU' Data-Protection Impeiialism, HERITAGE FOUND. Jan. 9, 2018). © Grdinne de Bnrca 2020. This is an Open Access article, distributed under the terms of the Creative Commons Attribution licence 1 (http://creativecornmons.org/licenses/by/4.0/), which permits unrestricted re-use, distribution, and reproduction in any medium, provided the original work is properly cited.

What Is HeinOnline?

HeinOnline is a subscription-based resource containing thousands of academic and legal journals from inception; complete coverage of government documents such as U.S. Statutes at Large, U.S. Code, Federal Register, Code of Federal Regulations, U.S. Reports, and much more. Documents are image-based, fully searchable PDFs with the authority of print combined with the accessibility of a user-friendly and powerful database. For more information, request a quote or trial for your organization below.



Short-term subscription options include 24 hours, 48 hours, or 1 week to HeinOnline.

Purchase Access

Contact us for annual subscription options:

Contact Us

Already a HeinOnline Subscriber?

Log In

profiles profiles most