A recent editorial (March 2019) and article (Jan 2019) in the British Medical Journal have focused on how medical mobile apps, currently a booming market, routinely share users’ data. Given the purpose of these mobile applications and the fact that their use is sometimes suggested to patients...

Due to their manoeuvrability, varying designs and sizes, as well as the vast array of hardware and software capabilities they could be equipped with, drones have found widespread applications in fields spanning cinematography, insurance valuations, construction project planning, real estate sales and infrastructure inspections among...

Many organisations have already recognised the need to appoint specialist personnel to ensure they are meeting their obligations in relation to the protection of personal data. For example, the General Data Protection Regulation (GDPR) requires many types of organisations to appoint a Data Protection Officer...

The General Data Protection Regulation (GDPR) creates a new role called a Data Protection Officer which assists a data controller or processor to monitor their internal compliance. Although not every organisation requires a Data Protection Officer (DPO), the GDPR provides that the DPO may be an...

The Council of Europe (CoE) in 2006 launched a Data Protection Day to be celebrated each year on 28th January, the date on which the CoE’s data protection convention, known as “Convention 108” was signed. The day, known as Data Protection Day in Europe, is...

To mark Data Protection Day, Trilateral has produced a special article that examines how the General Data Protection Regulation (GDPR) changes the rules for research. The GDPR adopts a “broad” definition of research, encompassing the activities of public and private entities alike (Recital 159). Research occupies...

For companies and individuals that work in the area of data privacy, it is fair to say that 2018 was the year of privacy. In May, Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR), the world's most stringent privacy law, came into effect. The...

In this blog, Benjamin Falk, co-founder of Yo-Da, outlines the current market landscape for personal data and provides insights on how data protection law will drive enormous socioeconomic benefits, bringing Europe in the lead of the international race for artificial intelligence supremacy. I attended the GovTech Summit in...

The Data Protection Supervisory Authorities (DPAs) of 22 Member States of the European Union (EU), recently submitted draft lists to the European Data Protection Board (EDPB). These lists identified data processing activities likely to result in a high risk to the rights and freedoms of...

In their November 2018 plenary meeting, the European Data Protection Board (EDPB) adopted a set of guidelines on the territorial scope of application of Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR). Article 3 GDPR, which regulates the matter, surprised subject matters experts for its potential reach,...

We are delighted to announce that Trilateral Research has been designated to serve as the Data Protection Officer for the Wise Group, a leading social enterprise, which transforms people’s lives across Scotland and North East England. As DPO, Trilateral will assist the Wise Group on creating...

We are pleased to announce that Trilateral Research has been designated to serve as the Data Protection Officer for the Housing Agency in Ireland. Trilateral Research DPO service grows out of our pioneering work in safeguarding privacy and the protection of personal data within the public...

What is data protection by design exactly? The basic idea is that consideration of the impact of any processing activities when developing a new product, technology or service should be taken into account and from the onset and through the lifecycle of the product. Security...

Whereas much attention has been paid to the radical changes brought by Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR) and its aim to enhance and uniform the data protection legislation across Member States, very few words have been spent on national derogations and...

Anonymisation and data-erasure requests: a perfect solution or a dangerous false friend? With the GDPR now fully applicable, data subjects are entitled to exercise a number of new rights over their personal data undergoing processing by organisations. They are able to demand that – in certain...

Following the latest advancements in the digital economy, technology and science, it has become clear that personal data is the new oil. Regulation (EU) 2016/679 (GDPR) is the response to technological challenges. It aims to empower data subjects and ensure uniformity among Member States. This...

The ICO report on the investigation into the use of data analytics in political campaigns  In July, the Information Commissioner’s Office (ICO) published a progress report on its ongoing investigation into the use of people’s personal data to influence political opinion. This forms part of a...

The use of Virtual Reality has expanded from gaming scenarios to less recreational immersive experiences including education, news reporting, advertising and training.  Three key areas where VR is being considered for experimentation and implementation are: Education, Museums Cultural heritage However, the use of these systems may...

We are pleased to announce that Trilateral Research has been recently appointed as the Data Protection Officer (DPO) for the University of Cambridge Group, which includes the University of Cambridge, Cambridge University Press, and Cambridge Assessment. ‘We have engaged Trilateral Research as part of our drive...

Over the past few months, a considerable amount of news addressed the questionable practices adopted by some organisations to allegedly comply with the General Data Protection Regulation (GDPR). Some of these practices also led regulatory authorities to issue fines to ensure that a simple and...

A recent news story from BBC news has highlighted the importance of ensuring all organisations have a full-scale data security policy. When many organisations think of data security, they think of cyber-security and preventing malicious attacks. However, ensuring your policy includes provisions for physical security...

The Information Commissioner’s Office (“ICO”) has recently published its annual report for the 2017-2018 period, outlining the work it has undertaken over the past year (1 April 2017-31 March 2018). The report includes some interesting facts and figures relevant to organisations, especially public sector organisations,...

In this blog, we share insights into the technical areas we often analyse for our clients in the private and public sector for the GDPR implementation, such as: Assessment of data flow, transfer, and sharing Assessment of data storage, retention, and deletion Assessment of access...

The future of drone use is changing. As GDPR enters into force, drone pilots and operators will have to rethink the way they operate. As part of the DroneRules PRO, we are creating a privacy and data protection culture within the European drone industry and will...

One of the key elements to consider when assessing whether your organisation needs to appoint a Data Protection Officer (DPO), is to determine whether it will be regarded as a public authority under the General Data Protection Regulation’s (GDPR) Regime. It is of key importance that...

It is advisable that all organisations, regardless of size and geographic location, duly assess whether they need to appoint a Data Protection Officer (DPO). In our previous article we illustrated what the DPO role is; here, we provide you with six practical examples (names and...