GENERAL REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL OF THE EUROPEAN UNION ON DATA PROTECTION (GDPR) – OVERVIEW AND NEWS

MAJSTOROVIĆ Marija (Direktor, GDPR Institut d.o.o., Beograd; doktorand, Fakultet za poslovne studije i pravo, Univerzitet „Union – Nikola Tesla”, Beograd), majstorovic.m@live.com

Everyday use of the Internet, both for business needs and for private purposes (from storing data on cloud systems, using applications and many other contents that access various biometric and personal data), has put a modern man at the center of technological development, digitalization, and connectivity via different networks. The significance that the exchange of goods, gold, and then the trade of goods and services once had on the economic development and technological progress is today transferred on data. In the digital age when data are the driver and the basis for the development of every company and the basic derivative of every society, citizens often and without much thought easily leave their data available to many companies that collect data and make business decisions based on their processing. This led to the need to regulate the field of data protection. With the increase in the number of data about all of us comes the need to protect privacy and increase control of our personal data. In line with this aspiration and the need to improve the legal framework with the legacy of modern times, the General Regulation on Personal Data Protection (GDPR) was adopted in 2016. It regulates in detail the rights of persons and the obligations of companies. The aim of this paper is to present important characteristics and innovations in terms of new institutes and concepts, as well as to consider the positive effects that the Regulation has introduced in the field of European Union law, but also on the rights of all persons whose data are processed. The analysis was performed on the basis of a review of the relevant legislative framework of the European Union and documents adopted by the European regulatory bodies and relevant institutions, from the European Parliament, the Council of the European Union, the European Data Protection Board, the European Commission, etc.

Keywords: General data protection regulations, GDPR, data protection law, European Union law