Column: Europe’s new data privacy rules

On May, 25, the European Union member states will begin to enforce the General Data Protection Regulation. The GDPR imposes sweeping data privacy, access, consent, transfer, processing and storage requirements on companies that offer goods or services to, or monitor the behavior of, people residing in the EU at the time the data is collected, whether or not the companies are located in the EU.