GDPR Right to Portability – submission to Article 29 Working Party

ABSTRACT: A list of current and future "how-to" posts on practical enterprise-specific GDPR compliance using public domain objects, with optional... read more

ABSTRACT: must Controllers inform processors of the legal bases of processing? Prima facie no: but from a legal and business-strategic... read more

Abstract: Simple methods to inoculate data protection (or any other) multi-jurisdictional software from Brexit and similar events, before their possibility... read more

ABSTRACT: Supervisors are interested in GDPR risks. Financial regulators are interested in financial risks. Often the latter may be derivative... read more

SR Submission to WP29 - 16-EN wp243 DRAFT DPO Guidance read more

ABSTRACT: Each of the Article 6(1) bases interacts with other Articles and other laws in different ways, and have different... read more

"Can I sue my school for telling my grades to my parents via a website, with the European GDPR law?" This... read more

IP addresses can determine jurisdiction - as classically exploited by private and public surveillance agencies, BigTech, other data brokers,  and... read more

The Three Knights are riding to the rescue! Or... is it.. the Three Stooges, or perhaps Sanchos, tilting at the windmills... read more

"Data breaches... Armageddon..." - Morrisons v Various Claimants, [2018] EWCA Civ 2339 at para 78. Caveat: I confess at the outset... read more