VIDEO: New EU Privacy Regime Daunting, Pillsbury Leader Says

Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...


By Jimmy H. Koo

To prepare for the new European Union privacy regime, companies need to initially sit down with EU privacy law specialists and scope out which provisions may directly apply to them, Rafi Azim-Khan, a data privacy partner at Pillsbury, Winthrop, Shaw, Pittman LLP in London and Silicon Valley, told Bloomberg BNA in a video interview.

The EU General Data Protection Regulation (GDPR) is the largest change in European privacy law in 20-odd years, and businesses will have to change their practices to adapt, he said.

Azim-Khan cautioned against relying on compliance software for easy fixes. The GDPR has provisions that require companies to adopt privacy by design into new products and services. Companies will need to show specific steps they took to achieve that goal, he said.

The GDPR will take effect May 25, 2018. Even though companies have until 2018 to prepare for the GDPR, Azim-Khan said they need to act now because “there’s so much to digest.”

He highlighted that the GDPR isn’t a purely European issue, and will have global implications for businesses. He also said that the upcoming regulation should be seen as a “mindset,” not as a set of individual rules.

To contact the reporter on this story: Jimmy H. Koo in Washington at

To contact the editor responsible for this story: Donald Aplin at

For More Information

The interview video is available at

Copyright © 2017 The Bureau of National Affairs, Inc. All Rights Reserved.

Request Bloomberg Law: Privacy & Data Security