On 25th of May this year, the GDPR (General Data Protection Regulation) set to apply across the EU.
Its purpose is to give individuals more control over their personal and sensitive data. This means for you that you can always request your personal data free-of-charge and EU businesses must provide you with ALL the data they have on you. Imagine the work to unify the data across all different departments to enable this single view of the customer.
The fines are evident of the seriousness of the GDRP: non-compliance can result in €10M-€20M fines or 2%-4% of the revenue (whichever is greater). Compare this to the current max fine of £500k the Information Commissioner's Office in the UK.
Two good articles by Wired and TechCrunch explaining the GDRP and its impact quite well and clearly: