< PrevNext > Jan Philipp Albrecht, Member of European Parliament Godfather of GDPR By Amon Cohen / December 14, 2017 Share The European Union's General Data Protection Regulation does not take effect until May 25. But many a travel buyer and supplier, both inside and outside the EU, was preoccupied in 2017 with assuring the significantly strengthened data privacy rights it enshrines for customers, employees and all other individuals.Issues particularly pertinent to travel managers include giving travelers who are EU citizens the potential to know who holds their personal data and why and figuring out whether they need to obtain traveler consent for the treatment of their data. Suppliers need to be more diligent in their data protection and much prompter about reporting breaches; the scandal in which Uber took 13 months to reveal a hack of 57 million customer records was only the latest reminder. Under GDPR, companies can be fined up to 4 percent of global turnover for violations, a threat concentrating the minds of those who may have overlooked this issue in the past.According to International Association of Privacy Professionals European managing director Paul Jordan, the "godfather of GDPR" is Jan Philipp Albrecht. The Green Party Member of European Parliament, a German citizen who looks even younger than his tender 35 years, shepherded the legislation through as vice chair for the parliament's Committee on Civil Liberties, Justice and Home Affairs. "Albrecht was responsible for getting GDPR past the post. He drove a lot of the argumentation," said Jordan.Albrecht, a law graduate, also has been a persistent critic of Safe Harbor and its successor, Privacy Shield, frameworks that aim to transfer personal data from the EU to align with Europe's stricter data protection standards. The dominance of U.S.-based service providers makes this a deeply important issue to global corporate travel, and one expected to resurface in 2018.Meanwhile, preparations for GDPR continue. In line with one of the regulation's obligations, larger travel companies rushed to appoint data privacy officers in 2017, and a travel industry GDPR code of conduct is afoot.