GDPR
legal impact on extra-territorial commercial pressure on indian business, trade and investment
DOI:
https://doi.org/10.60054/PEU.2020.7.45-56Keywords:
GDPR, Data Protection, Trade, Business, Extra-territorialityAbstract
The GDPR was implemented in 2018 to provide a balance between protecting personal data and privacy of data subjects. The implementation of GDPR has impacted various sectors. The extraterritoriality of the law on GDPR puts a pressure on companies and policy makers to re-examine the existing legal framework and India has not been insulated from the effects of implementation of GDPR. It puts a pressure on Indian trade bodies and upon government agencies to formulate a regulatory regime to achieve a synergy between Indian and EU laws.
The paper will look at the GDPR law in the EU, as well as at international responses to the implementation of the GDPR and will consider the effect it will have on Indian businesses, the trade and investment between India and EU. The paper will study the consequences that the law will have in commercial exchanges especially in the context of EU-India bilateral trade negotiation.
The authors have used the descriptive and analytical method research and have studied the implications of the introduction of GDPR especially for India.
References
Azzi, A. (2018), The Challenges Faced by the Extra Territorial Scope Of The General Data Protection Regulation, JIPITEC 9 (2).
Blume, J. (2018), A Contextual Extra Territoriality Analysis of the DPIA and DPO Provisions in the GDPR, 49 Geo. J Int’l 1425.
Kessler, J. (2019), Data Protection in the Wake of the GDPR: California’s Solution for Protecting the World’s Most Valuable Resource, 93 S. Cal. L. Rev. 99.
Krishnan, S. (2016), Cyber Security, How can Indian Organisations Prepare for the GDPR Regime?, PwC India, https://www.pwc.in/consulting/cyber-security/blogs/how-can-indian-organisations-prepare-for-the-gdpr-regime.html
Lindgren, P., and Rasmussen, O. H. (2013), The Business Model Cube, Journal of Multi Business Model Innovation and Technology, 1(3), 135-180.
Newcombe, L. (2020), Securing Cloud Services: A Pragmatic Approach, 2nd edition, IT Governance Publishing.
Schwartz, P., Peifer, K. (2019), Structuring International Data Privacy Law, Int’l Data Privacy Law 21.
Tarhonen, L. (2017), Pseudonymisation of Personal Data According to the General Data Protection Regulation, In Korpisaari, P.à.ivi (edit.). Viestinn.à.n muuttuva s.à.à..ntely - Viestint.à. oikeuden vuosikirja 2016. Forum Iuris, Helsingin yliopiston oikeustieteellisen tiedekunnan julkaisuja 2017, p. 10-32.
Yakovleva, S. (2020), Privacy Protection(ism): The Latest Wave of Trade Constraints on Regulatory Autonomy, 74 U. Miami L. Rev. 416.
Cases
DS285: Antigua and Barbuda v. United States, United States - Measures Affecting the Cross-Border Supply of Gambling and Betting Services.
Justice K.S. Puttaswamy (Retd.) & Anr v Union of India & Ors, MANU/SCOR/31178/2018, ITEM NO.1502 COURT NO.1 SECTION PIL-W ITEM NO.1502 COURT NO.1 SECTION PIL-W Writ Petition Civil No.494/2012.
Maximilian Schrems v. Facebook Ireland Limited (2013).
Legislation and Other
California Consumer Privacy Act 2020.
Charter of fundamental rights of the European Union, 2000.
Data Protection Directive 95/46 /EC.
General Data Protection Regulation, 2018.
Treaty on the functioning of the European Union, 2009.
