Seminar paper from the year 2018 in the subject Law - Data protection, grade: 2,0, University of Applied Sciences Aalen, course: Emergent Issues in Governance, language: English, abstract: After nearly five years of intensive work, accompanied with charged political discussions and wide societal echo, the European Union’s (EU) Data Protection ...

Seminar paper from the year 2018 in the subject Law - Data protection, grade: 2,0, University of Applied Sciences Aalen, course: Emergent Issues in Governance, language: English, abstract: After nearly five years of intensive work, accompanied with charged political discussions and wide societal echo, the European Union’s (EU) Data Protection Reform has finally become a reality. The new framework consists of a General Data Protection Regulation (GDPR), which replaced the former Data Protection Directive, and a new Directive for the police and criminal justice sector. They came into force in May 2016 and became applicable law in May 2018. The reform aims at modernizing and har-monizing data protection across the EU and is an essential element of the broader and particularly ambitious Digital Single Market Strategy that the EU launched in parallel and whose far-reaching consequences will unfold in the years to come.As this new European Data Protection Regulation will obviously entail many changes for all kinds of companies in the EU and thus Germany, the aim of this seminar paper is to answer the following question: “What measures do German companies have to implement in order to meet the data protection requirements of the new EU GDPR, which is applicable since May 25th 2018?”To answer this question, first some important terms that play a role in the regulation are defined (e.g. privacy by design / privacy by default). Then a systematic literature analysis is carried out to identify the most important contents of the GDPR, such as possible penalties for non-compliance. In addition, it will be described how companies outside the EU will be affect-ed by this European legislation.Next, it will be examined which are the crucial differences of the GDPR compared to the former German Bundesdatenschutzgesetz (BDSG), which documentary measures companies must implement as well as which infringements must be reported to supervisory authorities.Furthermore, the state of sources for this most current topic will be discussed by reviewing the various types of literature (journals, scientific papers, professional service firm literature) used in this seminar paper.Last but not least, the most important results of this seminar paper are summarised and then, based on these conclusions, four theses are presented and substantiated. Finally an outlook is given on further regulations that are currently in the EU legislative process and will come into effect in the coming years.