Blog

Data protection digest 2-17 Aug 2025: “Data protection says what should be done, information security says how we do it” – Estonian regulator

Posted on August 18, 2025August 19, 2025 by Olya Vasylyk Category:Data Protection Digest, GDPR

How is data protection related to information security? The goal of information security is to protect an organisation’s business processes. This means responsibility for the security of the entire operating system and the ability to resist any activities that threaten the availability, authenticity, integrity, and confidentiality of data processed in the system or the services […]

Data protection digest 18 Jul – 1 Aug 2025: DPO as a value creator and return on investment for companies

Posted on August 4, 2025August 4, 2025 by Olya Vasylyk Category:Data Protection Digest, DPO

The DPO as a value for a company The French data protection regulator CNIL has studied the economic benefits of the presence of a Data Protection Officer within companies. Statistical analysis shows that it is often profitable, especially for companies taking a positive approach to GDPR compliance. The two most represented sectors were research, IT […]

GDPR Compliance for AI: Managing Cross-Border Data Transfers

Posted on July 23, 2025July 23, 2025 by AJ Richter Category:Artificial Intelligence, GDPR, International Transfers, Regulation

Artificial intelligence (AI) is based on large and varied datasets to train models and enhance functionality. Though AI often works across borders, data protection regulations such as the EU General Data Protection Regulation (GDPR) impose stringent controls on transferring personal data abroad. The question is evident: how do businesses employ global AI systems and continue […]

Data protection digest 3-17 July 2025: AI-generated voice and visuals’ potential to violate people’s rights and freedoms

Posted on July 17, 2025July 17, 2025 by Olya Vasylyk Category:Data Protection Digest

A recent Guardian article caused a stir when it reported that an AI-generated band got 1m plays on Spotify in the past couple of weeks. Only after releasing two albums, the group called “The Velvet Sundown” admitted their music, images and backstory were created by AI. The story has triggered a debate on authenticity and […]

Respecting Data Subject Rights in AI: A Practical Guide for Businesses

Posted on July 9, 2025July 9, 2025 by Oluwatosin Victoria Ademokun Category:Artificial Intelligence, Data Subjects, GDPR, Privacy by Design, Security

Nowadays, data subject rights must be considered as artificial intelligence (AI) revolutionizes industries. However, with this advancement, data privacy and data protection both become major concerns for both businesses and consumers. With AI tools enabling greater collection and use of personal data, making it more critical than ever for organizations to respect the rights of […]

Data protection digest 17 Jun – 1 Jul 2025: protecting individuals, not organisations, should be the focus of risk assessment

Posted on July 2, 2025July 3, 2025 by Olya Vasylyk Category:Data Protection Digest

Risk Assessment Personal data protection should be the cornerstone of risk assessments for organisations. The Polish regulator UODO came to this conclusion after investigating a ransom attack in a children’s clinical hospital in Białystok. Access to IT systems was blocked, which resulted in a breach of confidentiality and availability of personal data of approximately 2,000 […]

How to build trustworthy AI from the ground up with Privacy by Design?

Posted on June 25, 2025June 25, 2025 by AJ Richter Category:Artificial Intelligence, Privacy by Design

We now live in a time where technologies such as artificial intelligence are increasingly woven into the fabric of existence. AI is invisibly present performing an array of functions such as showing recommendations, fraud detection, disease prediction, and traffic navigation. However, concern about privacy is growing along with the benefits of these technologies. Questions like […]

Data protection digest 2-16 June 2025: Data controller, processor, how to properly identify your GDPR role

Posted on June 17, 2025July 8, 2025 by Olya Vasylyk Category:Data Protection Digest, GDPR

GDPR role, how to determine? The French privacy regulator CNIL reviews the criteria and practical consequences of determining the GDPR role of data controllers and processors. The qualification does not always depend on a contractual choice but on the facts: who decides what, and who executes what, concerning personal data. The controller is the natural […]

AI and the GDPR: Understanding the Foundations of Compliance

Posted on June 4, 2025June 4, 2025 by Oluwatosin Victoria Ademokun Category:Artificial Intelligence, GDPR

Artificial intelligence (AI) is a fast evolving group of technologies which presents both great benefits and risks. Ensuring that these technologies align with data protection laws is not just a matter of best practice; it’s a legal necessity. It is arguably the most comprehensive data protection framework in the world, the General Data Protection Regulation […]

Data protection digest 17 May – 1 June 2025: The ‘reject all’ button is a must; legitimate interest as the data controller’s initiative

Posted on June 3, 2025June 3, 2025 by Olya Vasylyk Category:Data Protection Digest

‘Reject all’ button The State Commissioner for Data Protection of Lower Saxony has ruled that the “Reject all” button is a must on the first level of the consent banner for cookie preferences when an “Accept all” option is available. Consent banners may not specifically encourage consent and discourage the rejection of cookies. Otherwise, the […]

Do you need support on data protection, privacy or GDPR? TechGDPR can help.

Contact Us

Thank You!

Thank You!