The General Data Protection Regulation (GDPR) is a regulation on data protection and privacy for all individuals within the European Union and the European Economic Area. The regulation has increased the focus on privacy in companies and strengthened the data subjects influence.
- Legal text
- Guidelines
- Blogs
- Data Protection Impact Assessments (DPIA)
- Tools
- Security (art. 32)
- Incident management
- Organisations / Projects
- Solutions providers
- Related
- GDPR (2016/679) - Official version of GDPR.
- GDPR-info - GDPR linked to relevant articles and section in the preamble (Non-official site).
- GDPR-expert - Compare the Regulation, Directive and National legislation. Linked to relevant section in preamble (Non-official site).
- EDPB: Guidelines & Opinions
- ICO: Guide to GDPR
- Handbook on European data protection law - Handbook issued by EU.
- EDPS: Factsheets - Factsheets from EU Data Protection Supervisor.
- GDPR Today - Privacy news from the Open Rights Group.
- Spread Privacy - DuckDuckGo Blog.
- Freedom To Tinker - Blog from Princeton's CITP, a research center that studies digital technologies in public life.
- pdpEcho - All about personal data protection and privacy, by Gabriela Zanfir-Fortuna.
- Open-source DPIA software from the French DPA
- Guidelines on Data Protection Impact Assessment (WP29)
- ISO-standard: Guidelines for privacy impact assessment
- DPIA template from ICO
- Website Evidence Collector (WEC) - EDPS Inspection Software.
- OWASP Top 10 - Top 10 Web Application Security Risks.
- OWASP Cheat Sheet Series - Concise collection of high value information on specific application security topics.
- ENISA: Recommendations for a methodology of the assessment of severity of personal data breaches
- Google, SRE: Managing Incidents
- Troy Hunt: Data breach disclosure 101
- Awesome Incident Response
- GDPR Enforcement Tracker - Overview of fines and penalties.
- European Data Protection Board - EDPB.
- European Data Protection Supervisor - EDPS.
- European Union Agency for Network and Information Security (ENISA) - ENISA.
- List of Data Protection Authorities
- Electronic Frontier Foundation - Nonprofit defending digital privacy, free speech, and innovation.
- International Association of Privacy Professionals - A resource for privacy professionals.
- Privacy International - Charity that challenges the governments and companies that want to know everything about individuals, groups, and whole societies.
- NOYB - Organisation that brings important issues to the attention of DPAs, enforces the law in civil court or directly engages with companies.
- GDPR.eu - Resource for organisations and individuals researching the GDPR (Not official website).
- CyLab Usable Privacy and Security Laboratory - Research related to understand and improving the usability of privacy and security.
- EPIC - Electronic Privacy Information Center.
- Future of Privacy Forum - Catalyst for privacy leadership and scholarship, advancing principled data practices in support of emerging technologies.
- W3C Privacy Interest Group - Leading the web to its full potential.
To the extent possible under law, Harald O. Bakke has waived all copyright and related or neighboring rights to this work.