On 12 September 2018, the Lebanese Central Bank issued a decision to adopt the General Data Protection Regulations (GDPR). This decision, which was published in the Official Gazette on 20 September 2018, calls for Lebanese Banks, monetary institutions and other institutions associated with the Central Bank to take all necessary measures to comply with the GDPR. Such measures include appointing a data protection officer and a representative to the European Union, and amending compliance programs to conform to the new regulations.
The GDPR was first enacted in 2016 by the European Union and it came into effect across the EU’s 28 Member States on 25 May 2018. It is one of the strongest and most comprehensive attempts globally to regulate the collection and use of personal data by both governments and the private sector. The GDPR aims to protect consumers by giving them greater control over their personal data. It also compels businesses to be more accountable and transparent in their use of customers’ personal data.