The General Data Protection Regulation (GDPR) is the EU’s new and strengthened general framework for the protection of personal data. The GDPR directly applies in all EU countries since 25 May 2018. However, EU countries still need a national data protection law because the GDPR contains so-called opening clauses which leave member states discretion on some aspects.
For instance, the GDPR requires member states to set the minimum age at which children can give consent to the processing of their personal data when using information society services such as social media. Member states must choose between 13-16 years, below which a parent or guardian must give consent. This choice is impactful for companies, which must make reasonable efforts to verify that the user is over the age of consent and that consent is given or authorised by the holder of parental responsibility over the child.
Of the nine surveyed countries, most countries (i.e. Belgium, Spain, Sweden and the UK) have chosen to set the age of a valid child consent at 13 years. However, three countries (i.e. Germany, Ireland and the Netherlands) have chosen to set it at 16 years.
04 February 19
Cullen International EECC Decoder: regulatory remedies explained
The European Electronic Communications Code (EECC) sets new rules on how NRAs should impose regulatory remedies on operators. The new Cullen Decoder explains which remedies apply to different business models (vertically integrated, wholesale-only, voluntary separation and co-investment).
29 January 19
New EECC implementation calendar
Cullen International has compiled a comprehensive calendar of the most important dates for the implementation of the European Electronic Communications Code (EECC) and the BEREC Regulation 2018.
21 January 19
New edition of EU timeline for the next six months
This edition of the EU Timeline highlights noteworthy events and the status of the most important regulatory developments at EU level in the sectors covered by Cullen International over the next six months.