Purpose: The article intends to assess the legal provisions of the current mechanism of personal data protection in the EU. Design/Methodology/Approach: The authors studied the mechanism of personal data protection under the General Data Protection Regulation (EU) 2016/679 (GDPR) based on the concept of contextual integrity and analysis of EU legislation. Findings: The adoption of the General Data Protection Regulation (EU) 2016/679 transformed approaches and concepts to the implementation of the personal data protection mechanism in the European Union. The article notes that the personal data privacy and protection is increasing, there is an ongoing unification of the legal status of personal data protection and the formation of a digital market for dissemination, exchange, control, and supervision of data. Practical Implications: The authors proved that the GDPR has changed approach to personal data protection, the emphasis is now shifting to the formation of a digital market where the EU's role in ensuring regulation is crucial. Originality/Value: The article identifies the emergence of a new protectionist legal system and strengthening of legal provisions regarding privacy.