Cross-border data transfers between public authorities: the EDPB guidance

The digitalisation of the public sector and its information assets has reduced the barriers and boosted synergies in the public domain. Public authorities, now more innovative and digitalised than ever, are looking into strong synergies to better perform their tasks and execute the administrative roles efficiently. At the international level, cross-border cooperation requires a framework […]

The California Privacy Act: A Primer for European Businesses

Since the introduction of Regulation (EU) 2016/679 (General Data Protection Regulation -GDPR), our experts have commented on European judgements, policy and legal developments and official guidance on the implementation of the GDPR.  With the implementation of the California Consumer Privacy Act (CCPA) on 1st January 2020, we look across the pond at the key features of […]

New EDPB proposed guidelines on the territorial scope of the GDPR

Territorial scope GDPR

In their November 2018 plenary meeting, the European Data Protection Board (EDPB) adopted a set of guidelines on the territorial scope of application of Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR). Article 3 GDPR, which regulates the matter, surprised subject matters experts for its potential reach, and the guidelines, which are open for public consultation until […]

eReceipts, The Irish Supervisory Authority’s Guidance on Using Personal Data Correctly

The Data Protection Commissioner (DPC) recently rereleased guidance on the increasingly popular use of eReceipts by organisations.  When used correctly they can be a convenient means by which a record of payment for a product or service can be provided. However, when misused, they can annoy customers, breach ePrivacy regulations and leave organisations open to […]

Data Protection Commission publishes new Subject Access Request Guidance

The Irish Data Protection Commissioner (DPC) has released new guidance on Subject Access Requests (SARs) for individuals and controllers.  Unsurprisingly, the majority of queries and complaints the DPC receives concern individuals exercising their “right of access” under Article 15 of Regulation (EU) 2016/679 (General Data Protection Regulation- GDPR).  It is critical that controllers are ready […]

Special categories of personal data: Special requirements and conditions

Special categories of personal data, colloquially called ‘sensitive data’, were already recognised under the Data Protection Directive 95/46/EC as a category of personal data requiring further protection. Regulation (EU) 2016/679 (GDPR) has added genetic and biometric data to the list of sensitive data and enhanced their protection. In this article, we look at and discuss […]

Privacy, data protection and drone operations: the new EASA Guidance

Trilateral’s DroneRules PRO materials on privacy and data protection have been included in official European Aviation Safety Agency Guidance to assist the drone industry to comply with the new EU wide drone Regulations and the General Data Protection Regulation (GDPR). In 2018 the European Aviation Safety Agency (EASA) took over regulatory responsibility for the use […]

Training sessions for drone professionals – Online Data Privacy Course

On 25 September 2019, Trilateral conducted, in cooperation with RoboAcademy, a DroneRules PRO training session at the Faculty of Aerospace Engineering TU Delft in the Netherlands. This was the final in a series of workshops that brought together more than 90 drone stakeholders in 6 different countries (Ireland, Belgium, Germany, Italy, Spain, Netherlands) and gave […]