The new EU-US Data Privacy Framework: the solution to transatlantic data flows?

The ability to transfer data between countries is the bedrock of trade and international relations. To facilitate barrier-free transfers of data between the EU and US, the European Commission (EC) adopted an adequacy decision under Article 45 of the GDPR on the new EU-US Data Privacy Framework (the DPF) on 10 July 2023. As the […]

An Introduction to the ICO’s Guidance on Privacy-Enhancing Technologies

In June 2023, the UK Information Commissioner’s Office (ICO) published its guidance on enterprise privacy-enhancing technologies (PETs). Alongside it, the regulator has issued a call for organisations to adopt PETs within the next five years. Leaders will want to understand these technical, privacy-preserving solutions to capture the benefits of data collection, sharing and analysis in […]

Engaging young minds in the fight against air pollution

Teaching children about air pollution

Trilateral works with local communities on their net zero and air quality targets, encouraging behaviour change, improving health, and encouraging community engagment. With Project Trim, we’ve deployed a range of sensors and created the bespoke Meath Environmental Platform to deliver insights to Meath County Council, helping them understand existing problems and plan for the future. […]

ICO Publishes New Guidance on Responding to Subject Access Requests (SARs)

ICO Publishes New Guidance on Responding to Subject Access Requests (SARs)

Background On May 24, the UK Information Commissioner’s Office (ICO) published New Guidance, in the form of a Q&A, for businesses and employers on responding to Subject Access Requests (SARs). Subject Access Requests form part of the UK General Data Protection Regulation (UK GDPR) in Art.15 of the UK GDPR and Data Protection Act 2018 […]

Information Governance: know what you have, know why you have it

‘Everybody gets so much information all day long that they lose their common sense.’ – Gertrude Stein It is important for any business or organisation to know what information they hold, where they hold it, and why. Information can be highly sensitive, private or valuable. Sometimes it can be all these things at once. When […]

Data protection by design and default: what data controllers need to know and do

Data protection by design and default: what data controllers need to know - and do 

The Future of Privacy Forum (FPF), a prominent Washington thinktank, published a May 2023 report reflecting on data protection by design and by default. Data controllers’ duty to implement appropriate technical and organisational measures (‘TOMS’) was a novel obligation introduced into EU data protection law in 2018 through Article 25 GDPR. The law requires controllers […]