Blog

Comparing the UK and EU’s framework on facial recognition technology

As advancements in technology affect all areas in our lives, law enforcement agencies and private companies are also testing the use of artificial intelligence (AI) for the purpose of public safety. Advanced Remote Biometric Identification (RBI), specifically in the form of Facial Recognition Technology (FRT), are currently at the centre of discussion. RBI refers to […]

Data protection digest 3 – 16 May 2025: ‘divided’ court ruling on IAB Europe, data brokers and national security

IAB Europe case results in mixed decision IAB Europe and Belgium’s data protection authority have each claimed a ‘partial victory’ in the latest court decision over whether the IAB is liable for personal data processing over the online ad tools the industry group provides for the market, Telecompaper reports. The Belgian Market Court has annulled […]

How Privacy Enhancing Technologies (PETs) Can Help Organizations Stay GDPR Compliant

Safeguarding personal information is now more important than ever. 95% of customers will not engage with companies that cannot offer adequate safeguards for their data. With data protection regulations like the General Data Protection Regulation (GDPR), organizations are under constant pressure to protect sensitive data while ensuring compliance. Privacy Enhancing Technologies (PETs) have emerged as […]

Seven Actionable Steps to Achieve GDPR Compliance for E-Commerce Businesses

GDPR compliance helps businesses to ensure transparency, build customer trust, enhance data security, and avoid fines of up to €20 million or 4% of turnover. Many companies such as Amazon, LinkedIn, Clearview, and Netflix among others, have faced significant fines due to data protection failures. E-commerce businesses process large amounts of personal data, including contact […]

Data protection digest 18 Apr – 2 May 2025: data controller obligation to monitor deletion or return of personal data held by the processor

Data controller obligation Upon termination of a processing agreement, the controller is obliged to monitor the deletion of personal data held by the processor. Such was a ruling by the Higher Regional Court of Dresden, Germany, closely looked at by a DLA Piper analysis. The plaintiff was a user of the online music streaming service […]

Preparing for the CIPP/E Exam: Tips and Best Practices

As data protection compliance remains an area of importance across industries, the CIPP/E credential is one of the most recognized benchmarks for privacy professionals working with European data protection laws, in particular the General Data Protection Regulation (GDPR). In order to gain the qualification, the International Association of Privacy Professionals (IAPP), requires one to first […]

Data protection digest 3 – 17 Apr 2025: Meta AI training restarts in Europe, virtual assistants vs data privacy

Meta AI training in EEA According to the Norwegian regulator Datatilsynet, Meta will start training its AI service on photos, posts and comments from Facebook and Instagram users in the EEA at the end of May 2025. The purpose of the training is to develop and improve Meta’s generative AI services, based on users’ content […]

What to Expect When Taking the CIPP/E Certification Exam

If you’re exploring a career in data protection or want to deepen your understanding of the EU’s General Data Protection Regulation (GDPR), you’ve likely heard of the CIPP/E certification exam. Offered by the International Association of Privacy Professionals (IAPP), this certification is a recognized benchmark for professionals in European data protection law. It is highly […]

Data protection digest 18 Mar – 2 Apr 2025: 23andMe bankruptcy case, digital spring cleaning

23andMe genetic data The 23andMe genetic company filed for bankruptcy in the US after struggling with weak demand for its ancestry testing kits and a 2023 data breach that damaged its reputation, Reuters reports. US officials had questioned what would happen to the genetic data collected by 23andMe, although the company’s privacy policies state that […]

How does the GDPR govern retention periods for businesses?

The General Data Protection Regulation (GDPR) establishes clear guidelines to prevent unnecessary data storage and ensure that personal information is retained only for as long as it serves a legitimate purpose. Storage limitation requires that companies justify and set our data retention periods while considering all legal obligations. Navigating legal requirements and transforming them into […]

Do you need support on data protection, privacy or GDPR? TechGDPR can help.

Request your free consultation