Our global reach
Country reports
Seven jurisdictions assessed against the DR2I framework on four dimensions: substantive law, enforcement practice, institutional architecture, regulatory culture.
- Brazil LGPD's structural inheritance from the GDPR; the tension between individual rights and socioeconomic rights; healthcare and fintech costs of restricted secondary use.
- European Union Eight years of GDPR implementation; the Digital Omnibus as reform vehicle; targeted amendments to Articles 1, 5, 51, 57, 70, and 71.
- Germany Seventeen federal-state supervisory authorities without binding coordination; the 2025 coalition agreement on centralisation; the long-delayed Research Data Act.
- Italy The Garante's active engagement on AI; Italy as a laboratory for innovation-sensitive supervision; rebalancing data protection with innovation.
- Singapore PDPA and the PDPC's risk-proportionate, advisory-first culture; the legitimate business purpose framework as a model for outcome-oriented legal bases.
- Turkey KVKK and rapid digitalisation; Turkey's strategic position between European, Asian, and Middle Eastern digital economies; alignment with DR2I principles in distinct national context.
- United Kingdom Post-Brexit reform and the Data Use and Access Act 2025; the secondary growth duty; the adequacy challenge and transferable lessons.