One law to rule them all

On the extraterritorial applicability of the new EU General Data Protection Regulation

In May 2016, the EU adopted its long-awaited new General Data Protection Regulation (GDPR) and thereby opened a new chapter in the history of European and global data protection law. Meeting the challenges of the 21st century globally linked information-society, it took the EU-institutions more than four years and almost 4,000 amendments to finally agree on a compromise text. While elaborating the GDPR, the EU tried to solve one of the …