GDPR is perhaps the hot topic within organisations at the moment as it has the potential to affect virtually every aspect of the business.
The GDPR will affect research and education (R&E) organisations based in the Unites States (US) due to its extended territorial scope even though there is no data protection agreement between the EU and the US that applies to the R&E sector. From a non-EU/EEA perspective there are three situations where GDPR applies in an identity federation world that can bring it into play for US R&E organisations.
Pål Axelsson, SUNET’s SWAMID Identity Federation Operations Manager discusses some of the key implications of GDPR in this Internet2 blogpost.
Submitted by Karl Meyer