Shedding some light on the territorial scope of the GDPR

Your contact

The European Data Protection Board (EDPB) following its fourth plenary session on November 16th of this year has published guidelines on the territorial scope of the General Data Protection Regulation (GDPR) for public consultation. The public consultation will be organised from 23 November 2018 to 18 January 2019.

Before the publication of these guidelines, much has been speculated and argued in and outside of the European Union (EU) regarding the effect of the GDPR and whether or not third countries would have to follow the rules set out in the Regulation. Nevertheless, many companies established in third countries dealing with the EU were unsure how to proceed. Although especially questions regarding enforcement actions and obligations in third countries remained unanswered, the bottom line drawn by most privacy professionals was that third-country controllers and processors with strong links to the EU should comply with the GDPR.

The newly published and long-awaited guidelines will now shed some light on the many questions asked by privacy professionals with regard to issues arising out of the GDPR. With the release of the guidelines, the EDPB in particular intends to clarify the territorial scope of the GDPR to ensure a common interpretation. While national enforcement in countries outside the EU remains a matter for those national laws, among other issues addressed, the guidelines do provide clarification on issues around:

  • the application of the establishment criterion in the context of controllers and processors established outside the EU;
  • the application of the targeting criterion in the context of controllers and processors established outside the EU;
  • the processing in a place where Member State law applies by virtue of public international law; and
  • the requirement for third country controllers or processors to designate an EU representative.

Click here for the full text of the guidelines.

Share post


MLL Meyerlustenberger Lachenal Froriep Ltd

MLL is one of the leading law firms in Switzerland with offices in Zurich, Geneva, Zug , Lausanne, London and Madrid. We specialise in representing and advising clients at the intersection of high-tech, IP-rich and regulated industries.

MLL Meyerlustenberger Lachenal Froriep


Much is still unclear in relation to liability questions around AI tools.

Read our latest post about “Liability during the Lifecycle of an AI Tool” and download our white paper.


Click here for our latest publications


Read all our legal updates on the impact of COVID-19 for businesses.

COVID-19 Information