Why US Business Must Gear Up To Impending GDPR Challenge

Many US firms are unaware the forthcoming General Data Protection Regulation (GDPR) law will apply to them, despite the heavy penalties of a fine of up to $23,773,000, or four per cent of the company's annual global turnover if they fail to comply. John Hayes explains why US business will need to gear up.

GDPR: New ICO Guidance on ‘Legitimate Interests’

When the GDPR comes into force on 25 May 2018, it is unlikely that you will be able to obtain valid consent from staff for processing their personal data. This is because the GDPR introduces a more stringent requirement for consent, which has to be ‘freely given, specific, informed and unambiguous’. As a consequence, employers will need to rely on other lawful grounds for processing personal data of their staff.