Recently we see more and more posts popping up on LinkedIn and elsewhere on how to optimize sales pipelines and other business processes using ChatGPT or some of its siblings. While the proposition is very tempting, there are huge problems for privacy and the protection of personal data, in particular as required under the GDPR. […]
Author: Silvan Jongerius
Silvan Jongerius is the Managing Partner of TechGDPR. He has led data protection and security efforts since 2012, has spent over 12 years in senior technology leadership, general management and innovation for large technology educators, and has focused on Blockchain projects since 2014.
He holds certifications from the Columbia Business School in Digital Strategies for Business, from the IAPP as Certified Information Privacy Professional (Europe/GDPR) and is TÜV certified Data Protection Officer (Datenschutzbeauftragter).
International Transfers of Personal Data after the Schrems II ruling
On July 16, 2020, the top court of the European Union (CJEU) issued a groundbreaking ruling on the so-called “Schrems II” case concerning international transfers of personal data from the European Union. It was meant to deal mostly with transfers to the main EU commercial partner – the United States – but turned out to […]
How to appoint a data protection officer?
Who should be appointed as DPO? This can either be an internal position, or can be assigned based on a service contract. Any assignment of a DPO should be free of conflict of interest, and should report to the highest body in the organisation. While a DPO could also have another position in the company, […]
Response to the GDPR-relevant points in the German Blockchain Strategy of September 2019
On September 12, the German Federal Ministry of Economy and Energy, and the German Federal Ministry of Finance published the German Federal Blockchain Strategy (German, PDF). After analysing the statements relating to Data Protection and GDPR, here is some high level response to the key points. Blockchain Strategy Implementation Principles [p5] “IT-Sicherheit und Datenschutz […]
GDPR compliant products debunked: it’s all about HOW you use it
I’ve seen this a bit too often lately: products that qualify themselves as ‘GDPR compliant’, falsely leaving the impression that by using that product, an organisation will be GDPR compliant. In particular some blockchain products like to label themselves as ‘GDPR compliant blockchain’ – as in the public opinion there are massive problems surrounding blockchain […]
GDPR’s Right to be Forgotten in Blockchain: it’s not black and white.
There have been many discussions about the big problem of the right to be forgotten (right to erasure, Article 17) under the GDPR. As blockchain generally is immutable, and the GDPR requires personal data to be deleted. Many people therefor conclude that it is impossible to store any kind of personal data on a blockchain. […]
The GDPR Canvas
The GDPR Canvas & how to use it Building on our experience of consulting technology companies with privacy and GDPR compliance, we are excited to release our GDPR Canvas publicly under a creative commons license. The GDPR Canvas is inspired by the Business Model Canvas by Alexander Osterwalder of Strategyzer. It was designed by TechGDPR to aid […]
Blockchain & DLT under the GDPR explained to the European Commission
Today, I had the opportunity to present the key issues of Blockchain & DLT under the GDPR to a delegation of the European Commission in Berlin. Below is a summarised version of the issues I presented. 1. Is the Opinion 05/2014 by Working Party 29 still valid? Article 29 Working Party issued comprehensive guidance on […]
One year of GDPR: GDPR enforcement and awareness
The General Data Protection Regulation (GDPR) came into force after years of debate and preparation. The European Commission started in January 2012 to set out plans for data protection reform across the European Union in order to make Europe ‘fit for the digital age’. Approved by the European Parliament in April 2016, the legislation came […]
Our first open GDPR Canvas workshop
On Thursday May 16th 2019, TechGDPR hosted it’s first open GDPR Canvas workshop: ‘Starting GDPR compliance with the GDPR Canvas’, for members of Factory Berlin. The GDPR Canvas Workshop is a workshop that is normally delivered within a team or organisation, but for this workshop we wanted to gain experience with the open format with […]