Publishing house fined for data security violation under the GDPR
In late 2021, the Spanish Data Protection Authority (‘AEPD’) initiated an investigation on the data processing activities of Bayard Revistas S.A., a publishing house in Madrid, after receiving a complaint by an individual. According to this complaint, the person in charge of Bayard’s web portal notified all data subjects via e-mail that a third party […]
Landmark CJEU judgment confirms broad interpretation of Special Category Data
Earlier this month, a case referred by the Regional Administrative Court of Lithuania to the CJEU OT v Vyriausioji tarnybinės etikos komisija resulted in a landmark judgment that included a broad interpretation of what constitutes special category personal data, which should give pause for thought for all organisations processing personal data. This article explains the potential […]
Article 30 Record Keeping – Know your data
Following the ‘Ask the DPC anything’ webinar hosted by the Irish branch of EADPP – European Association of Data Protection Professionals, it has been suggested that the Irish Supervisory Authority, the Data Protection Commission (DPC) is planning a “deep dive” review of organisations’ documentation of their processing activities, across a range of sectors. The DPC […]
Human intervention and human oversight in the GDPR and AI Act
Differences and Practical Challenges The GDPR introduced the notion of ‘human intervention’ as a way to prevent, in certain circumstances, decision-making based solely on automated means. The forthcoming AI proposal for a Regulation (“AI Act”) uses the term ‘human oversight’ and sets out certain obligations. For instance, in December 2021, the European Committee of the […]
Helping SMEs better cope with the GDPR
As part of the STAR II project, TRI has been working on better understanding how small and medium enterprises (SMEs) have coped with the GDPR, and the challenges they have faced. The project has also researched how EU data protection authorities have attempted to support SMEs and the guidance they have made available. These findings […]
What are the challenges that SMEs are facing in complying with the GDPR? A view from the field
Since the GDPR came into force in May 2018, organisations of all sizes have been grappling with the principle-based regulation. Some larger organisations, benefiting from greater resources, were able to apply their legal and technological capabilities to prepare for the go-live date from when the legislation was first published in May 2016. Initially, the Supervisory […]
Developing GDPR training materials for data protection authorities
We are delighted to introduce the STAR GDPR training material. As a result of the collaboration between the Law, Science, Technology & Society research group at VUB (https://lsts.research.vub.be/), the Hungarian data protection authority NAIH (https://naih.hu/) and Trilateral Research, as part of the EC funded project STAR, we have developed a set of General Data Protection […]
The GDPR: A business imperative
In this article, we look at what it means to be GDPR compliant and the benefits of doing so. Referring to the latest study carried out by the European project STAR II, Trilateral Research’s Data Protection Consultant Kai Matturi investigates the impact surrounding SMEs not being GDPR compliant and the effects it can have on […]
Privacy, data protection and drone operations: the new EASA Guidance
Trilateral’s DroneRules PRO materials on privacy and data protection have been included in official European Aviation Safety Agency Guidance to assist the drone industry to comply with the new EU wide drone Regulations and the General Data Protection Regulation (GDPR). In 2018 the European Aviation Safety Agency (EASA) took over regulatory responsibility for the use […]
STAR Research project launches free and open GDPR training materials
Trilateral has worked with DPAs, academics and business to develop a set of freely available GDPR training materials which will be presented in this month’s project final conference in Brussels and Tirana. In this article, David Barnard-Wills, Research Manager at Trilateral Research, presents the DPAs’ approach to training in countries across the EU, the gaps in the current materials, and […]
