Let's have a look into the history of GDPR:
1890
Two United States lawyers, Samuel D. Warren and Louis Brandeis, write The Right to Privacy, an article that argues the "right to be left alone", using the phrase as a definition of privacy.
1948
The Universal Declaration of Human Rights is adopted, including the 12th fundamental right, i.e. the Right to Privacy.
1950
The EU Convention on Human Rights sequence of fundamental rights is amended, with articles now appearing in a different order.
1967
The Freedom of Information Act (FOIA) comes into effect in the US and gives everyone the right to request access to documents from state agencies. Other countries follow suit.
1980
OECD issues guidelines on data protection, reflecting the increasing use of computers to process business transactions.
1981
The Council of Europe adopts the Data Protection Convention (Treaty 108), rendering the right to privacy a legal imperative.
1983
The Federal Constitutional Court of Germany reaches a fundamental decision regarding the census judgment. The verdict is considered a milestone of data protection.
1993
PC Brown is charged with the UK Data Protection Act 1984 offence of using personal data or a purpose other than that described in the Data Protection Register - ruling is overturned.
1995
The European Data Protection Directive is created, reflecting technological advances and introducing new terms including processing, sensitive personal data and consent, among others.
2002
The EU adopts the Directive on Privacy and Electronic Communications.
2006
The EU Directive on the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks is adopted. Declared invalid by a Court of Justice ruling in 2014 for violating fundamental rights.
2009
Evolution of the EU Electronic Communications Regulations in response to email addresses and mobile numbers becoming prime currency in conducting marketing and sales campaigns.
2010
The international non-profit organisation Wikileaks publishes secret information, news leaks, and classified media provided by anonymous sources.
2013
European Commission adopts the Regulation 611/2013 on the measures applicable to the notification of personal data breaches under Directive 2002/58/EC.
2014
A ruling by the Court of Justice of the EU finds that European law gives people the right to ask search engines like Google to remove results for queries that include their name. The concept becomes known as “the right to be forgotten”.
2016
The General Data Protection Regulation (GDPR) is approved by the EU parliament after 4 years of discussions.
2018
GDPR is being enforced, replacing the Data Protection Act.
2018+
Responsible management of personal data through mature IT governance, transparent processes and modern applications.