Digital online rights for children

Sweden is ahead of the rest of the world when it comes to children's rights, even in the digital/online world. Read more here. To say I felt an excitement deep in me is an understatement. It was children's safety online which brought me into privacy. My master thesis for my MSc Information Security was on … Continue reading Digital online rights for children

H&M have invaded employee privacy

So hot of the press is that H&M (a Swedish business), although the fine of €41,4m was due to practices in one of their German outlets which were not compliant with GDPR. Clearly as an employer it is difficult to avoid the collection of sensitive data from employees, i.e. when they are sick, just the … Continue reading H&M have invaded employee privacy

BCRs and Tetra Pak has just got them approved in Sweden

An extremely interesting development considering the recent Schrems II decision and that Tetra Pak has US operations. This is a first for the Swedish Data Protection Authority with BCRs. OneTrust has a good summary of the decision, etc., in English. Here is the decision in Swedish. Now, there is much discussions on the legality of … Continue reading BCRs and Tetra Pak has just got them approved in Sweden

Who is the controller?

An extremely well-written article from OneTrust in the context of adtech, but still I am sure will get you thinking deep.

Cookie consent banner for the SMB

There's been quite some cookie talk lately on this blog and one reason why is that I have as CEO of my little startup been looking for a cookie consent banner which costs nothing for my website. So why only now. Well, I did only have essential cookies on my website until recently which didn't … Continue reading Cookie consent banner for the SMB

Let’s get creative with cookie banners! I’m sure it’s fine?

I am seeing more and more the new type cookie banner, which basically informs you of non-essential cookies, i.e. it is not required for the essential ones which is great, however.... there is some creative engineering active which is not compliant with GDPR. I am accepting non-essential cookies, for whatever the reason on my side, … Continue reading Let’s get creative with cookie banners! I’m sure it’s fine?

An open letter to the CJEU from L

Read a view of the Schrems' decisions from the other side of the great pond, in the U.S. I found this to be an informative, serious but fun read through the spectacles of Lydia F de la Torre, EU & US Counsel (Spain/California) and a lecturer of Privacy Law at Santa Clara University School of … Continue reading An open letter to the CJEU from L

In the Privacy Shield storm -practical advice

I am and still attending a great session hosted by the IAPP on the Schrems II decision and Privacy Shield consequence, i.e. it is no longer a legal mechanism for data transfer from the EU to the US. Miriam Wegmeister was a great panelist and gave some great insights, very practical and cool lady! Practical … Continue reading In the Privacy Shield storm -practical advice

Yes, I’m angry about the Schrems II decision!

Why the hell should a devote privacy and GDPR advocate be angry about this decision, after all it's good for privacy is it not? Yes decision is correct, but also no. Clearly Facebook is a scapegoat, twice now with Schrems I and II. But now we are in limbo again! The fact is that even … Continue reading Yes, I’m angry about the Schrems II decision!

What went wrong? Foodora hacked!

Half a million customer data was stolen by hackers is being reported by Swedish newspapers. Foodora a Swedish concern is owned by a German business, Delivery Hero. As one can guess by the combination of both names: 1) its about food, and 2) yes, customers book online from whichever is their favourite restaurant and get … Continue reading What went wrong? Foodora hacked!