The document discusses new data protection legislation that will take effect in May 2018 called the General Data Protection Regulation (GDPR). It provides an overview of the new obligations and enforcement under the GDPR, which are much more extensive than the previous data protection laws. The GDPR requires transparency around how personal data is collected and used, as well as stronger enforcement by regulators. Companies need to prepare now by conducting data mapping, implementing privacy by design principles, reviewing contracts, and potentially designating a data protection officer to comply with the new law. Non-compliance could result in fines of up to 4% of annual global turnover or €20 million.