2019 21.10

The new EU data protection package entered into force in May 2018, following a protracted legislative process. The package comprised a General Data Protection Regulation (Regulation 2016/679, GDPR) and a lesser-known Law Enforcement Directive (Directive 2016/680, LED). The GDPR, in particular, seeks to “Europeanise” data protection law and to render it more effective: by introducing a regulation rather than a directive, an attempt is made to minimise national divergence while significant new avenues for private redress and public enforcement are introduced. 

The rave around the GDPR before May 2018 made data processing a very popular and modern topic for discussions, seminars, books, businesses. The hysteria for “GDPR compliance with” did not spare Bulgaria. In fact, our country has had a Personal Data Protection Act (PDPA) since 2002, even before Bulgaria joined the Council of Europe Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (The Convention No 108).

You may find further information in the enclosed PDF file.