The GDPR: A business imperative

In this article, we look at what it means to be GDPR compliant and the benefits of doing so. Referring to the latest study carried out by the European project STAR II, Trilateral Research’s Data Protection Consultant Kai Matturi investigates the impact surrounding SMEs not being GDPR compliant and the effects it can have on […]

Privacy, data protection and drone operations: the new EASA Guidance

Trilateral’s DroneRules PRO materials on privacy and data protection have been included in official European Aviation Safety Agency Guidance to assist the drone industry to comply with the new EU wide drone Regulations and the General Data Protection Regulation (GDPR). In 2018 the European Aviation Safety Agency (EASA) took over regulatory responsibility for the use […]

STAR Research project launches free and open GDPR training materials

Trilateral has worked with DPAs, academics and business to develop a set of freely available GDPR training materials which will be presented in this month’s project final conference in Brussels and Tirana. In this article, David Barnard-Wills, Research Manager at Trilateral Research, presents the  DPAs’ approach to training in countries across the EU, the gaps in the current materials, and […]

How are small businesses managing the GDPR?

It is over a year now since the General Data Protection Regulation (GDPR) came into force throughout the EU and the STAR II project has also been designed to understand how small and medium enterprises (SMEs) have experienced the GDPR during this period. To find out about the SMEs’ experience of the GDPR, Trilateral Research, […]

Nosy Drones? Know the rules before you fly

technology 2589463 1920 copy

Due to their manoeuvrability, varying designs and sizes, as well as the vast array of hardware and software capabilities they could be equipped with, drones have found widespread applications in fields spanning cinematography, insurance valuations, construction project planning, real estate sales and infrastructure inspections among others. As this new technology becomes increasingly available, it has […]

GDPR and Charities: Key operational considerations

GDPR and Charities

For companies and individuals that work in the area of data privacy, it is fair to say that 2018 was the year of privacy. In May, Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR), the world’s most stringent privacy law, came into effect. The GDPR does not differentiate between organisations, it sets (pretty much) […]

Privacy Insight: Anonymisation and data-erasure requests

anonimysed 1 e1547111702982

Anonymisation and data-erasure requests: a perfect solution or a dangerous false friend? With the GDPR now fully applicable, data subjects are entitled to exercise a number of new rights over their personal data undergoing processing by organisations. They are able to demand that – in certain circumstances and with some limitations – organisations abide their […]

Data Protection Law and Ethics: where do we stand?

Data Ethics

Following the latest advancements in the digital economy, technology and science, it has become clear that personal data is the new oil. Regulation (EU) 2016/679 (GDPR) is the response to technological challenges. It aims to empower data subjects and ensure uniformity among Member States. This ambitious piece of legislation has been also accompanied by a […]

Lessons on consent: the use of data analytics in political campaigns

Consent in use of personal data

The ICO report on the investigation into the use of data analytics in political campaigns  In July 2018, the Information Commissioner’s Office (ICO) published a progress report on its ongoing investigation into the use of people’s personal data to influence political opinion. This forms part of a larger parliamentary inquiry into the proliferation of fake […]

Requesting customer data: the (desperate) need for proper processes


Over the past few months, a considerable amount of news addressed the questionable practices adopted by some organisations to allegedly comply with the General Data Protection Regulation (GDPR). Some of these practices also led regulatory authorities to issue fines to ensure that a simple and yet strong message sinks in all organisations’ compliance departments: don’t […]