Cross-border data transfers between public authorities: the EDPB guidance
The digitalisation of the public sector and its information assets has reduced the barriers and boosted synergies in the public domain. Public authorities, now more innovative and digitalised than ever, are looking into strong synergies to better perform their tasks and execute the administrative roles efficiently. At the international level, cross-border cooperation requires a framework […]
All you need to know to get ready for the ICO’s Age Appropriate Design Code
This article highlights how organisations can understand the scope of the ICO’s Age Appropriate Design Code and get ready for the implementation of the Code.
The California Privacy Act: A Primer for European Businesses
Since the introduction of Regulation (EU) 2016/679 (General Data Protection Regulation -GDPR), our experts have commented on European judgements, policy and legal developments and official guidance on the implementation of the GDPR. With the implementation of the California Consumer Privacy Act (CCPA) on 1st January 2020, we look across the pond at the key features of […]
New EDPB proposed guidelines on the territorial scope of the GDPR
In their November 2018 plenary meeting, the European Data Protection Board (EDPB) adopted a set of guidelines on the territorial scope of application of Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR). Article 3 GDPR, which regulates the matter, surprised subject matters experts for its potential reach, and the guidelines, which are open for public consultation until […]
eReceipts, The Irish Supervisory Authority’s Guidance on Using Personal Data Correctly
The Data Protection Commissioner (DPC) recently rereleased guidance on the increasingly popular use of eReceipts by organisations. When used correctly they can be a convenient means by which a record of payment for a product or service can be provided. However, when misused, they can annoy customers, breach ePrivacy regulations and leave organisations open to […]
Data Protection Commission publishes new Subject Access Request Guidance
The Irish Data Protection Commissioner (DPC) has released new guidance on Subject Access Requests (SARs) for individuals and controllers. Unsurprisingly, the majority of queries and complaints the DPC receives concern individuals exercising their “right of access” under Article 15 of Regulation (EU) 2016/679 (General Data Protection Regulation- GDPR). It is critical that controllers are ready […]
Special categories of personal data: Special requirements and conditions
Special categories of personal data, colloquially called ‘sensitive data’, were already recognised under the Data Protection Directive 95/46/EC as a category of personal data requiring further protection. Regulation (EU) 2016/679 (GDPR) has added genetic and biometric data to the list of sensitive data and enhanced their protection. In this article, we look at and discuss […]
Privacy, data protection and drone operations: the new EASA Guidance
Trilateral’s DroneRules PRO materials on privacy and data protection have been included in official European Aviation Safety Agency Guidance to assist the drone industry to comply with the new EU wide drone Regulations and the General Data Protection Regulation (GDPR). In 2018 the European Aviation Safety Agency (EASA) took over regulatory responsibility for the use […]
Training sessions for drone professionals – Online Data Privacy Course
On 25 September 2019, Trilateral conducted, in cooperation with RoboAcademy, a DroneRules PRO training session at the Faculty of Aerospace Engineering TU Delft in the Netherlands. This was the final in a series of workshops that brought together more than 90 drone stakeholders in 6 different countries (Ireland, Belgium, Germany, Italy, Spain, Netherlands) and gave […]
The Implications of ISO 27701 for organisations seeking privacy certification
ISO27701 is set to be the international standard for Privacy Information Management Systems (PIMS). It allows organisations that have already achieved ISO 27001 to align their privacy and Information Security Management Systems (ISMS) and demonstrate an appropriate control environment. In the same way that ISO 27001 is considered to be the ‘gold standard’ for information […]
