The GDPR also introduced new accountability and transparency requirements, meaning that processors must be able to show that they have a lawful basis for each processing operation, and must inform individuals which lawful basis if being relied upon. Furthermore, under GDPR the interpretation of legitimate interests is now broader, encompassing the interests of any third party, including wider societal benefits.