GDPR at Five
These statistics point to the GDPR’s tangible impact in the five years since becoming applicable.
Published: 25 May 2018
Last updated: 24 May 2023
Since becoming applicable 25 May 2018, the EU General Data Protection Regulation propelled data protection and privacy to unprecedented and profound prominence, both within the EU and internationally.
Five years later, privacy professionals are experiencing a new era for the GDPR, with more consequential enforcement, court rulings and privacy-related legislative initiatives. The legislation is also applicable to new technologies and disciplines, such as artificial intelligence governance efforts envisaged by the draft EU AI Act. Beyond the EU, dozens of countries have taken inspiration from the GDPR in enacting their own privacy laws. Indeed, many are now considering ways to reform the GDPR.
The application of the GDPR shows no sign of slowing down or diminishing its influence and impact on policymakers, companies, regulators, consumers and societies. The statistics in this infographic point to the GDPR’s tangible impact.
What happens on May 26th, 2018?
This infographic highlights what regulators expected to occur when the GDPR was enacted in May 2018.
View here
GDPR at One Infographic
This infographic provides context about the GDPR's first year in numbers.
View here
GDPR at One White Paper
This white paper explores the number and nature of complaints, investigations and data protection officer notifications over the first year of the GDPR, and the technical challenges and guidance needed moving forward.
View here
GDPR at Two
For the GDPR's second anniversary, the IAPP asked leading voices in the data protection and privacy community to reflect about the past, present and future of the GDPR.
View here
GDPR at Three
This infographic provides context on the status of the GDPR at the three-year mark since the regulation became applicable.
View here
This content is eligible for Continuing Professional Education credits. Please self-submit according to CPE policy guidelines.
GDPR at Five
These statistics point to the GDPR’s tangible impact in the five years since becoming applicable.
Published: 25 May 2018
Last updated: 24 May 2023
Contributors:
Joe Jones
Research and Insights Director, IAPP
Since becoming applicable 25 May 2018, the EU General Data Protection Regulation propelled data protection and privacy to unprecedented and profound prominence, both within the EU and internationally.
Five years later, privacy professionals are experiencing a new era for the GDPR, with more consequential enforcement, court rulings and privacy-related legislative initiatives. The legislation is also applicable to new technologies and disciplines, such as artificial intelligence governance efforts envisaged by the draft EU AI Act. Beyond the EU, dozens of countries have taken inspiration from the GDPR in enacting their own privacy laws. Indeed, many are now considering ways to reform the GDPR.
The application of the GDPR shows no sign of slowing down or diminishing its influence and impact on policymakers, companies, regulators, consumers and societies. The statistics in this infographic point to the GDPR’s tangible impact.
What happens on May 26th, 2018?
This infographic highlights what regulators expected to occur when the GDPR was enacted in May 2018.
View here
GDPR at One Infographic
This infographic provides context about the GDPR's first year in numbers.
View here
GDPR at One White Paper
This white paper explores the number and nature of complaints, investigations and data protection officer notifications over the first year of the GDPR, and the technical challenges and guidance needed moving forward.
View here
GDPR at Two
For the GDPR's second anniversary, the IAPP asked leading voices in the data protection and privacy community to reflect about the past, present and future of the GDPR.
View here
GDPR at Three
This infographic provides context on the status of the GDPR at the three-year mark since the regulation became applicable.
View here
This content is eligible for Continuing Professional Education credits. Please self-submit according to CPE policy guidelines.
Tags:
Related resources
Global AI Governance Law and Policy: Jurisdiction Overviews
US State Privacy Legislation Tracker
Organizational Digital Governance Report 2025
US State Comprehensive Privacy Laws Report
