Blog

Data protection digest 17 Jun – 1 Jul 2025: protecting individuals, not organisations, should be the focus of risk assessment

Posted on July 2, 2025July 2, 2025 by Olya Vasylyk Category:Data Protection Digest

Risk Assessment Personal data protection should be the cornerstone of risk assessments for organisations. The Polish regulator UODO came to this conclusion after investigating a ransom attack in a children’s clinical hospital in Białystok. Access to IT systems was blocked, which resulted in a breach of confidentiality and availability of personal data of approximately 2,000 […]

How to build trustworthy AI from the ground up with Privacy by Design?

Posted on June 25, 2025June 25, 2025 by AJ Richter Category:Artificial Intelligence, Privacy by Design

We now live in a time where technologies such as artificial intelligence are increasingly woven into the fabric of existence. AI is invisibly present performing an array of functions such as showing recommendations, fraud detection, disease prediction, and traffic navigation. However, concern about privacy is growing along with the benefits of these technologies. Questions like […]

Data protection digest 2-16 June 2025: Data controller, processor, how to properly identify your GDPR role

Posted on June 17, 2025June 17, 2025 by Olya Vasylyk Category:Data Protection Digest, GDPR

GDPR role, how to determine? The French privacy regulator CNIL reviews the criteria and practical consequences of determining the GDPR role of data controllers and processors. The qualification does not always depend on a contractual choice but on the facts: who decides what, and who executes what, concerning personal data. The controller is the natural […]

AI and the GDPR: Understanding the Foundations of Compliance

Posted on June 4, 2025June 4, 2025 by Oluwatosin Victoria Ademokun Category:Artificial Intelligence, GDPR

Artificial intelligence (AI) is a fast evolving group of technologies which presents both great benefits and risks. Ensuring that these technologies align with data protection laws is not just a matter of best practice; it’s a legal necessity. It is arguably the most comprehensive data protection framework in the world, the General Data Protection Regulation […]

Data protection digest 17 May – 1 June 2025: The ‘reject all’ button is a must; legitimate interest as the data controller’s initiative

Posted on June 3, 2025June 3, 2025 by Olya Vasylyk Category:Data Protection Digest

‘Reject all’ button The State Commissioner for Data Protection of Lower Saxony has ruled that the “Reject all” button is a must on the first level of the consent banner for cookie preferences when an “Accept all” option is available. Consent banners may not specifically encourage consent and discourage the rejection of cookies. Otherwise, the […]

Comparing the UK and EU’s framework on facial recognition technology

Posted on May 26, 2025May 26, 2025 by Edda Pernice Category:Artificial Intelligence, GDPR, UK GDPR

As advancements in technology affect all areas in our lives, law enforcement agencies and private companies are also testing the use of artificial intelligence (AI) for the purpose of public safety. Advanced Remote Biometric Identification (RBI), specifically in the form of Facial Recognition Technology (FRT), are currently at the centre of discussion. RBI refers to […]

Data protection digest 3 – 16 May 2025: ‘divided’ court ruling on IAB Europe, data brokers and national security

Posted on May 19, 2025May 19, 2025 by Olya Vasylyk Category:Data Protection Digest

IAB Europe case results in mixed decision IAB Europe and Belgium’s data protection authority have each claimed a ‘partial victory’ in the latest court decision over whether the IAB is liable for personal data processing over the online ad tools the industry group provides for the market, Telecompaper reports. The Belgian Market Court has annulled […]

How Privacy Enhancing Technologies (PETs) Can Help Organizations Stay GDPR Compliant

Posted on May 13, 2025May 13, 2025 by AJ Richter Category:GDPR, PETs, Technical

Safeguarding personal information is now more important than ever. 95% of customers will not engage with companies that cannot offer adequate safeguards for their data. With data protection regulations like the General Data Protection Regulation (GDPR), organizations are under constant pressure to protect sensitive data while ensuring compliance. Privacy Enhancing Technologies (PETs) have emerged as […]

Seven Actionable Steps to Achieve GDPR Compliance for E-Commerce Businesses

Posted on May 7, 2025May 7, 2025 by Oluwatosin Victoria Ademokun Category:GDPR

GDPR compliance helps businesses to ensure transparency, build customer trust, enhance data security, and avoid fines of up to €20 million or 4% of turnover. Many companies such as Amazon, LinkedIn, Clearview, and Netflix among others, have faced significant fines due to data protection failures. E-commerce businesses process large amounts of personal data, including contact […]

Data protection digest 18 Apr – 2 May 2025: data controller obligation to monitor deletion or return of personal data held by the processor

Posted on May 5, 2025May 5, 2025 by Olya Vasylyk Category:Data Protection Digest

Data controller obligation Upon termination of a processing agreement, the controller is obliged to monitor the deletion of personal data held by the processor. Such was a ruling by the Higher Regional Court of Dresden, Germany, closely looked at by a DLA Piper analysis. The plaintiff was a user of the online music streaming service […]

Do you need support on data protection, privacy or GDPR? TechGDPR can help.

Contact Us

Thank You!

Thank You!