Europe’s General Data Protection Regulation, which came into force at the end of May, is widely regarded as being a good thing for the insurance industry. It’s expected to have the same invigorating effect on the demand for cyber insurance as similar legislation had in the US market. But it’s worth remembering that GDPR compliance is a very big enterprise risk for insurers and reinsurers themselves. After all, re/insurers handle a huge amount of personal data. In fact, their appetite for data seems insatiable.