The New Path to Ediscovery Success: Business Intelligence
The New Path to Ediscovery Success: Business Intelligence
April 26, 2018
Corporate Fact Sheet
June 5, 2018

GDPR “Who Is Covered”

GDPR Who is Covered
This post is the first of a series of short blog posts about GDPR

With GDPR implementation date this Friday, May 25th, it's time to assess where your organization stands with the GDPR. This is the first in a series of short, easily digested blog posts addressing some GDPR basics.

Let's start with who the GDPR applies to.

The GDPR applies to personal data (Article 2.1) about any identified or identifiable natural person (Article 1.1) who is in Europe. It is, of course, a little more complicated than that - but not much.

If a data subject's data is being processed by a Data Controller or a Data Processor in Europe then it applies (Article 3.1) - which may mean that individuals who are not in the EU and have no situs with the EU other than having their data processed by an EU controller or processor are covered.

Separately, if a data subject's data is being processed by an organization outside Europe who EITHER markets goods or services to Europe (Article 3.2a) OR monitors natural people in Europe (Article 3.2b) then it applies.

The citizenship or residence of the individual is not contemplated by the GDPR. Note specifically Article 3.1 applies to the geography of the controller or processor, Article 3.2a applies "to such data subjects in the Union" and Article 3.2b applies "as far as their behaviour takes place within the Union​."

Further, Recital 2 makes clear that the GDPR applies to Data Subjects "whatever their nationality or residence" and Recital 4 echoes that and makes clear that the GDPR is designed for everyone in the world, saying "The processing of personal data should be designed to serve mankind."

Jonathan Swerdloff
Jonathan Swerdloff
Jonathan Swerdloff is a Consultant at Driven, Inc. Prior to joining Driven, Jonathan was a litigation associate at Hughes, Hubbard & Reed LLP, accumulating more than 10 years experience in eDiscovery that included managing large discovery projects, analysis of enterprise systems, and investigations into nontraditional data sources. Through his experience as a litigator and programmer, Jonathan focused primarily on creative problem solving with regard to all data types. He analyzed and produced complex enterprise systems and developed internal workflows for large litigations. He deployed Information Governance strategies, has extensive experience with structured data collection, analysis, and production, and has served as an expert witness. His experience also includes developing cost-saving legal processes, managing legal budgets, and supervising legal personnel. Jonathan is admitted to the bars of New York and Connecticut. He holds a J.D. from the Cardozo School of Law and an MPS from NYU’s Tisch School of the Arts Interactive Telecommunications Program, where he studied rapid prototyping and software development. Jonathan is also an adjunct professor at the Parsons School of Design, teaching a Masters-level course in regulatory and ethics contexts for product designers. Jonathan previously served as the Director of Legal Strategy at the Corporate Knowledge Strategies Forum