The General Data Protection Regulation (GDPR) creates a single EU-wide law on data protection intended to increase legal certainty for individuals, businesses, and Data Protection Authorities and to contribute to the success of the EU's Digital Single Market. Of particular significance is the extraterritorial application of the GDPR, where a non-EU based business will become subject to the GDPR when it is processing personal data of individuals in the EU as a result of offering goods or services to such individuals or monitoring their behavior.

The GDPR also introduces significant new data protection requirements and rights for data subjects, as well as enforcement powers for DPAs, which include fines of up to 4% of annual worldwide turnover or 20 million euro, whichever is greater. The GDPR entered into force May 25, 2018.

• Official GDPR Website: GDPR.eu is provided to you as helpful resource to quickly find all 99 Articles and 173 Recitals of the Regulation, as well as helpful guides and checklists that walk you through how the Regulation may apply to you.

• European Data Protection Board: The European Data Protection Board (EDPB) is an independent European body, which contributes to the consistent application of data protection rules throughout the European Union, and promotes cooperation between the EU’s data protection authorities.

• Handbook on European Data Protection Law (2018): This handbook outlines the legal standards relating to data protection set by the European Union (EU) and the Council of Europe (CoE). It is designed to assist practitioners not specialised in the field of data protection, including lawyers, judges and other legal practitioners, as well as individuals working for other bodies, such as non-governmental organisations (NGOs), who may be confronted with legal questions relating to data protection.

The handbook serves as a first point of reference on relevant EU law and the European Convention on Human Rights (ECHR), as well as the CoE Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (Convention 108) and other CoE instruments.

• Bloomberg General Data Protection Regulation Resources:  A dedicated page including the text of the GDPR, Fast Answers, Tools & Trackers, Practical Guidance, Legal Analysis and Books and Treatises. 
  • An excellent starting point with multiple resources.

​​​​​​​​​​​​​​

• (Lexis) 6 David Bender, Computer Law: A Guide to Cyberlaw and Data Privacy Law, § 51: European Data Protection Law (2021): Section 51 of this title provides the most detailed treatment of Lexis' various treatises on computer and internet law.

• (Westlaw) 3 E-Commerce and Internet Law 26.04: The European Union General Data Protection Regulation (GDPR) (April 2020): Chapter 26.04 of this title provides the most comprehensive discussion within Westlaw's various treatises on computer and internet law.

For assistance, please contact the research librarians at the Kresge Law Library by email: AskUs@nd.edu.