On May 25, 2018, the General Data Protection Regulation (GDPR) went into effect across the EU, marking a historic moment in which a unified set of data protection laws, created for the modern digital age, replaced the region’s frequently fragmented and antiquated regulations. The laws are given significant teeth by the enforcement powers laid out; authorities are permitted to fine non-compliant organisations up to €20 million or 4% of their annual global revenue, whichever is larger.
At the very least, the Act has increased public awareness of data protection and privacy issues throughout the course of its first five years in existence, allowing people to consider these considerations while making purchases.