General Data Protection Regulation. (GDPR). In order to better understand more recent data protection law, the most important of which is the General Data Protection Regulation, it is important to briefly consider how data protection law has evolved in recent history. The Data Protection Directive was adopted in 1995 and is officially known as 95/46/EC. It has been an important part of the legal framework for data protection in Europe. A european directive must be implemented international law in the individual member states. To enable this implementation the directive provides a certain legal framework. The individual states then bring this legal framework to life by means of a concrete national law. To accommodate for national differences, the member states are allowed some freedom when implementing the directive. However, the Data Protection Directive became outdated. Firstly, critical voices have argued that the directive was not responding well enough to more modern technologies such as Big Data and cloud computing. At the time of the adoption of the directive, in 1995 these technologies simply did not exist. A further problem was that the implementation of the Data Protection Directive in some cases differed widely from one member state to another. Therefore the new General Data Protection Regulation, EU 2016/279 aims to harmonize data protection within Europe. It will also strengthen the data subjects rights in a modern world, in which more and more personal data is increasingly processed by organizations. As of May 2018 The General Data Protection Regulation or short GDPR will form an important part of the European Framework for Data Protection. The GDPR will apply to all companies in the European Union from May 2018, replacing the Data Protection Directive 95/46/EC. The GDPR applies directly as European law, which means that it does not have to be implemented into national law. Are there other data protection statutes the member states need to comply with? The general data protection regulation contains about sixty so-called opening clauses. An opening clause is a clause which gives member states the discretion to introduce national provisions in order to concretize or to further clarify a particular rule by means of national law. For example, Germany has made active use of most of the 60 opening clauses of the GDPR and has passed a new Federal Data Protection Act which will become effective at the same time with the GDPR in May 2018. The large number of opening clauses is however The reason why the general data protection regulation has only partially succeeded in further standardizing european data protection. In addition there are both european and national sectors specific regulations that complement the GDPR. An example is the E-Privacy regulation, a european regulation that regulates privacy and electronic communications, and replaces the 2002 directive on data protection in electronic communications, which aims to meet economic and technical developments. For example VoIP telephony and over-the-top services. Let's briefly consider how much it will cost a company to comply with the General Data Protection Regulation. It can be assumed that the monetary expense of implementing the General Data Protection Regulation for companies will vary for different member states. This is due to the fact that until now the provisions of the Data Protection Directive had to be implemented international law, and they have been giving varying degrees of strictness to companies in different Member States due to for example case law rulings. In summary, The General Data Protection Regulation will come into force starting in May 2018. Its aim is to further harmonize data protection across Europe and to strengthen the rights of data subjects. It replaces the Data Protection Directive 95/46/EC which does not fully take into account how data can be protected in today's world of Big Data and cloud applications. The GDPR applies directly as european law. In via its 60 opening clauses. Member States have the ability to introduce national provisions in order to conquer ties or further clarify a particular rule. Lastly. the monetary expense of Implementing the GDPR will vary for companies in different Member States.