The European Union’s new General Data Protection Regulation (GDPR) goes into effect in May 2018. In a nutshell, GDPR creates all kinds of new regulations for how any organization manages data on individuals residing in the EU.
Here is a great outline of GDPR from ASAE. (For ASAE members only; requires a login.) The law goes into effect May 2018, which is less than seven months from now!
My first recommendation to associations is to contact your AMS provider and ask them what they’re doing to address this issue. I believe this will be more onerous than CASL (Canada’s anti-spam law) and therefore will require much more diligence on the part of associations who have individuals (not just members) in their database from Europe.
What is YOUR organization doing about this?