German data protection authority: GDPR requires stronger email encryption

The Data Protection Authority of North Rhine-Westphalia (LfDI NRW) recently published its analysis on the requirements of the general data protection regulation (GDPR) for email communications. The opinion of the German authority is that transport layer encryption must always be implemented. As reported by Techdirt, ‘the LfDI NRW’s position indicates that the GDPR is likely to impact when and how email encryption is deployed by companies operating in the EU’.