Data Protection Law and Ethics: where do we stand?

Data Ethics

Following the latest advancements in the digital economy, technology and science, it has become clear that personal data is the new oil. Regulation (EU) 2016/679 (GDPR) is the response to technological challenges. It aims to empower data subjects and ensure uniformity among Member States. This ambitious piece of legislation has been also accompanied by a […]

Lessons on consent: the use of data analytics in political campaigns

Consent in use of personal data

The ICO report on the investigation into the use of data analytics in political campaigns  In July 2018, the Information Commissioner’s Office (ICO) published a progress report on its ongoing investigation into the use of people’s personal data to influence political opinion. This forms part of a larger parliamentary inquiry into the proliferation of fake […]

Requesting customer data: the (desperate) need for proper processes


Over the past few months, a considerable amount of news addressed the questionable practices adopted by some organisations to allegedly comply with the General Data Protection Regulation (GDPR). Some of these practices also led regulatory authorities to issue fines to ensure that a simple and yet strong message sinks in all organisations’ compliance departments: don’t […]

Preventing Personal Data Breaches: more than just cyber-security

A recent news story from BBC news has highlighted the importance of ensuring all organisations have a full-scale data security policy. When many organisations think of data security, they think of cyber-security and preventing malicious attacks. However, ensuring your policy includes provisions for physical security both within and outside the organisation is also essential. According […]

ICO report highlights increased public awareness of data protection

The Information Commissioner’s Office (“ICO”) has recently published its annual report for the 2017-2018 period, outlining the work it has undertaken over the past year (1 April 2017-31 March 2018). The report includes some interesting facts and figures relevant to organisations, especially public sector organisations, handling personal data in the context of the GDPR. First, […]

Which are the technology areas to assess for the GDPR implementation?


In this blog, we share insights into the technical areas we often analyse for our clients in the private and public sector for the GDPR implementation, such as: Assessment of data flow, transfer, and sharing Assessment of data storage, retention, and deletion Assessment of access control and security Assessment of access procedures, policy, and legal […]

DroneRules PRO is looking for new Advisory Board members


The future of drone use is changing. As GDPR enters into force, drone pilots and operators will have to rethink the way they operate. As part of the DroneRules PRO, we are creating a privacy and data protection culture within the European drone industry and will facilitate compliance with the new legislation. Trilateral and partners […]

Is Your Organisation A Public Authority Under the GDPR?

public authority under the GDPR 1

One of the key elements to consider when assessing whether your organisation needs to appoint a Data Protection Officer (DPO), is to determine whether it will be regarded as a public authority under the General Data Protection Regulation’s (GDPR) Regime. It is of key importance that organisations carry out this assessment as soon as possible […]