The GDPR replaces Europe’s 1995 Data Protection Directive, which was enacted well before the internet and cloud computing introduced new ways of processing personal data.
As how we share and use data has changed substantially since then, the EU’s data protection rules needed to be modernised.
The article in pdf explains the new directives that came into force on 25 May.