COVID-19, Data Protection law and Privacy… Or the needs of the many vs the needs of the one.

When you have no right to privacy, Data Protection law governs the organisations respect for your information. It should not be Data Utility vs Privacy, but Data Protection and Data Utility. The terms data protection and privacy are often used interchangeably.  Recently I have seen a high number of articles about “COVID-19 Symptom tracking Apps” and … Continue reading COVID-19, Data Protection law and Privacy… Or the needs of the many vs the needs of the one.

Belgium DPO conflict of interest resulted in a fine

2 years on and finally a fine pertaining directly to the role of the DPO.... hurray! What a great celebration for GDPR and each of us who have the privilege to be a Data Protection Officer. Avoidance of a conflict of interest for the DPO is super important in any organisation because the role requires … Continue reading Belgium DPO conflict of interest resulted in a fine

GDPR is very Personal

It is a personal post. Not that it is annivarsary of GDPR so I am very emotional due to that but because to me, GDPR is very personal and I hope you don’t mind. Personal Letter When was the last time you sent a letter? I do not mean letter to tax office, employment agency, … Continue reading GDPR is very Personal

On the Second Anniversary of the GDPR: Mobile App Descriptions

With today being the second anniversary of the GDPR, below is an article I wrote regarding mobile apps and privacy, particularly with respect to the U.S. COPPA statute (Children's Online Privacy Protection Act). I reviewed over 10,400 mobile apps in the Google and Apple stores while working at a Washington, DC, law firm and it … Continue reading On the Second Anniversary of the GDPR: Mobile App Descriptions

Happy Birthday 2 years on with GDPR!

In celebration for GDPR 2 years on, I thought to repost some blogposts from June 2018. However, when looking I realised that they were a few and the theme was strong on how our personal data is public in Sweden and the use of utgivningsbevis to keep this status quo. So, I ended writing an … Continue reading Happy Birthday 2 years on with GDPR!

Happy GDPR Day!

On the two-year anniversary of the EU's GDPR I thought it would be timely to post an excerpt from the 2nd edition of my Cybersecurity Law, Standards and Regulations book published earlier this year. The European Union (EU) General Data Protection Regulation (GDPR) was approved by the EU parliament on April 14, 2016 and became … Continue reading Happy GDPR Day!

Accountability. Implications for a Controller using CCTV.

But what is a controller I hear you ask?! Once again we return to the “purpose and means (essential elements) of processing”. Not trying to get boring about it but this is where the magic happens! We have some interesting and challenging situations to consider. We need to always come back to who is the … Continue reading Accountability. Implications for a Controller using CCTV.