Skip to main content

Data Protection Laws

Return to GDPR page

Current European Union Data Protection Legislation

  • GDPR
    Regulation (EU) 2016/679 of the European Parliament and of the council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)
  • ePrivacy
    Directive Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on Privacy and Electronic Communications)
  • Directive on the Processing of Personal Data by Competent Authorities
    Directive (EU) 2016/680 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and on the free movement of such data, and repealing Council Framework Decision 2008/977/JHA
  • Passenger Name Record Directive
    Directive (EU) 2016/681 of the European Parliament and of the Council of 27 April 2016 on the use of passenger name record (PNR) data for the prevention, detection, investigation and prosecution of terrorist offences and serious crime

Proposed European Union Data Protection Legislation


ePrivacy Regulation (European Parliament proposal) *

Published on 4th May 2018
Proposal for a Regulation of the European Parliament and of the Council concerning the respect for private life and the protection of personal data in electronic communications and repealing Directive 2002/58/EC (Regulation on Privacy and Electronic Communications)

*Although these draft texts have been published, they do not form part of the European Union Acquis Communautaire yet since they are still subject to amendments.

Stay updated with our latest insights

Mamo TCV Advocates: New Data Protection Law Relating to Third Party rights
Data Protection and Privacy

New Law enables Third Parties to a Contract to benefit from Data Protection Rights

A recently published Legal Notice (204 of 2023) has created the “Enforcement of the Rights of Data Subjects in relation to Transfers of Personal Data to a Third Country or an International Organisation Regulations” (Subsidiary Legislation 586.12). This marks the first time that an entirely new subsidiary law has been enacted under the auspices of the Data Protection Act (Chapter 586 of the laws of Malta), since June 2018, shortly after the coming into force of the GDPR. S.L. 586.12 resolves a long-standing lacuna in the field of Maltese data protection law. The scope and purpose of this new law…
The European Data Protection Board has issued its Opinion on the European Commission’s Draft Adequacy Decision which constitutes a new framework for transatlantic transfers of personal data.
Data Protection and Privacy

The EDPB Issues Opinion on the New EU-U.S. Data Privacy Framework

On the 28th of February 2023, the European Data Protection Board (hereinafter referred to as the “EDPB”) issued its Opinion on the European Commission’s draft adequacy decision regarding the EU-U.S. Data Privacy Framework. Whilst acknowledging the significant improvements made to the Data Privacy Framework such as the improved new redress mechanism under the Executive Order on Enhancing Safeguards for United States Signals Intelligence Activities, the EDPB’s opinion also highlighted some issues of concern which had previously been raised so as to ensure that the new adequacy decision will be long-lasting. The principal issues of concern specifically relate to the data…
Digital Services Act Deadline: By 17 February 2023, Online Platform Providers were Required to Publish Average Monthly Active Recipients
Telecoms, Media & Technology

Digital Services Act Deadline for Online Platform Providers

17 February, 2023, marks the deadline for providers of online platforms to publish information on the average monthly active recipients of their services in the European Union (EU), as required by the Digital Services Act (Regulation (EU) 2022/2065) (DSA). The DSA defines online platforms as providers of hosting services that publicly disseminate users’ information. The European Commission has previously provided that online platforms cover a wide range of activities and include: Online marketplaces; Social media platforms;  Creative content outlets;  App stores;  Platforms for the collaborative economy;  Price comparison websites; and  Search engines. Under the DSA, providers of online platforms must…
U.S. President Joe Biden has recently signed an Executive Order implementing the commitments made by the U.S. in the agreement reached with the EU concerning a new EU-U.S. data privacy framework.
Data Protection and Privacy
The New EU-US Personal Data Transfer Framework
EU Legislation
Data Protection and Privacy
Deadline for Third Country Personal Data Transfers: EU Standard Contractual Clauses
The EU Data Act – Not Another GDPR
Data Protection and Privacy
The EU Data Act – Not Another GDPR

Join our mailing list

Get in touch by sending us a message or by contacting us directly.


How can we help you?