Time12:00PM1:00PM EST Location1000 Massachusetts Ave. NW, Washington DC, 20001
Events hosted by others AND In-Person AND Virtual

Five Years of EU’s General Data Protection Regulation: Impact and Lessons Learned



Jennifer Huddleston, Technology Policy Research Fellow, Cato Institute

Brandon Pugh, Policy Director and Senior Resident Fellow, R Street Institute

Lee Matheson, Senior Counsel, Future of Privacy Forum

Nathan Lindfors, Policy Director, Engine

In May 2018, the European Union’s General Data Protection Regulation (GDPR) became effective. The immediate impact was seen in the millions of dollars and man hours spent on compliance; the loss of certain websites or services from the European Union, such as the Los Angeles Times; and changes to user experiences and privacy choices. Advocates of the GDPR have argued that the tradeoffs are worth it for improved cybersecurity and the increased privacy rights of EU citizens, but critics have pointed to the potential impact on other values, such as speech and innovation, and have questioned if the GDPR has actually led to improvements or just increased red tape.

Five years on, the impact of the GDPR on Americans and American companies as well as their European counterparts continues to be felt. As the United States debates its own potential federal data privacy law and sees an emerging patchwork of state laws, what lessons can we learn from the GDPR about benefits and consequences of data privacy regulation?

Lunch to follow event

More Data Privacy Policy