Trilateral’s DroneRules PRO materials on privacy and data protection have been included in official European Aviation Safety Agency Guidance to assist the drone industry to comply with the new EU wide drone Regulations and the General Data Protection Regulation (GDPR). In 2018 the European Aviation Safety...

A recent article by Boston Consulting Group outlined how organisations should assess cybersecurity risks in order to target spending on the risks most likely to have a significant financial impact. It noted that cybersecurity attacks and cybersecurity spending are on the rise with the latter...

On 25 September 2019, Trilateral conducted, in cooperation with RoboAcademy, a DroneRules PRO training session at the Faculty of Aerospace Engineering TU Delft in the Netherlands. This was the final in a series of workshops that brought together more than 90 drone stakeholders in 6...

Trilateral has worked with DPAs, academics and business to develop a set of freely available GDPR training materials which will be presented in this month's project final conference in Brussels and Tirana. In this article, David Barnard-Wills, Research Manager at Trilateral Research, presents the  DPAs’ approach to training in countries...

It is over a year now since the General Data Protection Regulation (GDPR) came into force throughout the EU and the STAR II project has also been designed to understand how small and medium enterprises (SMEs) have experienced the GDPR during this period. To find out...

The new world economy relies on data-driven technologies and systems. Data is knowledge and innovation, ensuring scientific progress. There is a strong debate on whether the new General Data Protection Regulation (GDPR) constitutes an enabler or hindrance for scientific research. Although the focus has been...

Data Protection Authorities including the ICO and the Irish Data Protection Commission have recently released updated cookie guidance and CNIL, the French Data Protection Authority, have released updated guidelines, repealing their 2013 guidelines which suggested that a valid form of consent to cookies included the...

In a historic move, the Danish Data Protection Authority, Datatilsynet has recommended its first fine under the GDPR regime for taxi company Taxa4x35 for its failure to adhere to principles of data minimisation and a failure to properly anonymise personal data. Organisations who wish to avoid...

A recent editorial (March 2019) and article (Jan 2019) in the British Medical Journal have focused on how medical mobile apps, currently a booming market, routinely share users’ data. Given the purpose of these mobile applications and the fact that their use is sometimes suggested to patients...

Due to their manoeuvrability, varying designs and sizes, as well as the vast array of hardware and software capabilities they could be equipped with, drones have found widespread applications in fields spanning cinematography, insurance valuations, construction project planning, real estate sales and infrastructure inspections among...

Many organisations have already recognised the need to appoint specialist personnel to ensure they are meeting their obligations in relation to the protection of personal data. For example, the General Data Protection Regulation (GDPR) requires many types of organisations to appoint a Data Protection Officer...

The French Supervisory Authority, Commission nationale de l'informatique et des libertés (CNIL) has issued Google LLC with a €50m (£44m) fine following an investigation into their advertisement personalisation purposes. This marks the first occasion Google has been fined under the EU General Data Protection Regulation...

The General Data Protection Regulation (GDPR) creates a new role called a Data Protection Officer which assists a data controller or processor to monitor their internal compliance. Although not every organisation requires a Data Protection Officer (DPO), the GDPR provides that the DPO may be an...

The Council of Europe (CoE) in 2006 launched a Data Protection Day to be celebrated each year on 28th January, the date on which the CoE’s data protection convention, known as “Convention 108” was signed. The day, known as Data Protection Day in Europe, is...

To mark Data Protection Day, Trilateral has produced a special article that examines how the General Data Protection Regulation (GDPR) changes the rules for research. The GDPR adopts a “broad” definition of research, encompassing the activities of public and private entities alike (Recital 159). Research occupies...

For companies and individuals that work in the area of data privacy, it is fair to say that 2018 was the year of privacy. In May, Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR), the world's most stringent privacy law, came into effect. The...

In this blog, Benjamin Falk, co-founder of Yo-Da, outlines the current market landscape for personal data and provides insights on how data protection law will drive enormous socioeconomic benefits, bringing Europe in the lead of the international race for artificial intelligence supremacy. I attended the GovTech Summit in...

The Data Protection Supervisory Authorities (DPAs) of 22 Member States of the European Union (EU), recently submitted draft lists to the European Data Protection Board (EDPB). These lists identified data processing activities likely to result in a high risk to the rights and freedoms of...

In their November 2018 plenary meeting, the European Data Protection Board (EDPB) adopted a set of guidelines on the territorial scope of application of Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR). Article 3 GDPR, which regulates the matter, surprised subject matters experts for its potential reach,...

This article outlines the Data Protection Impact Assessment (DPIA) requirements regarding CCTV cameras by drawing on the DPIA template issued by the UK Surveillance Camera Commissioner (SCC) on 22 October 2018. The SCC is responsible for promoting compliance with the surveillance camera code of practice (the Code)...

We are delighted to announce that Trilateral Research has been designated to serve as the Data Protection Officer for the Wise Group, a leading social enterprise, which transforms people’s lives across Scotland and North East England. As DPO, Trilateral will assist the Wise Group on creating...

We are pleased to announce that Trilateral Research has been designated to serve as the Data Protection Officer for the Housing Agency in Ireland. Trilateral Research DPO service grows out of our pioneering work in safeguarding privacy and the protection of personal data within the public...

What is data protection by design exactly? The basic idea is that consideration of the impact of any processing activities when developing a new product, technology or service should be taken into account and from the onset and through the lifecycle of the product. Security...

Whereas much attention has been paid to the radical changes brought by Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR) and its aim to enhance and uniform the data protection legislation across Member States, very few words have been spent on national derogations and...

Anonymisation and data-erasure requests: a perfect solution or a dangerous false friend? With the GDPR now fully applicable, data subjects are entitled to exercise a number of new rights over their personal data undergoing processing by organisations. They are able to demand that – in certain...

Following the latest advancements in the digital economy, technology and science, it has become clear that personal data is the new oil. Regulation (EU) 2016/679 (GDPR) is the response to technological challenges. It aims to empower data subjects and ensure uniformity among Member States. This...

‘Risk Assessment Report and Methodology’

You can view the Executive Summary and Table of contents of the Project Solebay Risk Assessment Methodology Report.

Please sign up to the Solebay mailing list to download the Full Solebay project report.