‘General Data Protection Rule,’ a regulatory system designed to penalize companies that allow data breaches to occur. Under the GDPR rule companies and organisations that are compromised may be subject to penalties up to 4% of their annual revenue.