• All
  • Data Science
  • News
  • Privacy
  • Research Highlights
  • Security

The use of big data analytics techniques and machine learning boosts competitiveness in the EU manufacturing sector. PROTEUS' mission is to investigate and develop ready-to-use scalable online machine learning algorithms and real-time interactive visual analytics to deal with extremely large data sets and data streams. Using these...

Ethics is not a ‘thing’ to be designed into a technology or into data analytics because ethics are enacted, in situ, in context. Designing in ways that encourage ethical outcomes requires thinking critically about what the design work is doing. Privacy by design is a very...

Anonymisation and data-erasure requests: a perfect solution or a dangerous false friend? With the GDPR now fully applicable, data subjects are entitled to exercise a number of new rights over their personal data undergoing processing by organisations. They are able to demand that – in certain...

Following the latest advancements in the digital economy, technology and science, it has become clear that personal data is the new oil. Regulation (EU) 2016/679 (GDPR) is the response to technological challenges. It aims to empower data subjects and ensure uniformity among Member States. This...

The ICO report on the investigation into the use of data analytics in political campaigns  In July, the Information Commissioner’s Office (ICO) published a progress report on its ongoing investigation into the use of people’s personal data to influence political opinion. This forms part of a...

The use of Virtual Reality has expanded from gaming scenarios to less recreational immersive experiences including education, news reporting, advertising and training.  Three key areas where VR is being considered for experimentation and implementation are: Education, Museums Cultural heritage However, the use of these systems may...

At Trilateral Research we think managing risks is critical, both in the development of emerging technologies and in ensuring safety and security. All our projects involve some type of risk management. The use of risk assessment is critical to identifying, understanding and mitigating potential risks thereby...

The world is increasingly turning to open sources, not only for information but also for human rights reporting and uncovering crimes against humanity. While it has become possible for anyone with an internet connection and a smartphone to capture real-time images of extraordinary and unpredictable events...

We are pleased to announce that Trilateral Research has been recently appointed as the Data Protection Officer (DPO) for the University of Cambridge Group, which includes the University of Cambridge, Cambridge University Press, and Cambridge Assessment. ‘We have engaged Trilateral Research as part of our drive...

Over the past few months, a considerable amount of news addressed the questionable practices adopted by some organisations to allegedly comply with the General Data Protection Regulation (GDPR). Some of these practices also led regulatory authorities to issue fines to ensure that a simple and...

A recent news story from BBC news has highlighted the importance of ensuring all organisations have a full-scale data security policy. When many organisations think of data security, they think of cyber-security and preventing malicious attacks. However, ensuring your policy includes provisions for physical security...

Human trafficking is a clandestine phenomenon in which its victims often remain unidentified by the justice system and law enforcement. According to the Guardian, Modern slavery, including labour exploitation, sexual exploitation and domestic servitude, is estimated to cost the UK between £3.3bn and £4.3bn, with...

The Information Commissioner’s Office (“ICO”) has recently published its annual report for the 2017-2018 period, outlining the work it has undertaken over the past year (1 April 2017-31 March 2018). The report includes some interesting facts and figures relevant to organisations, especially public sector organisations,...

New technologies can enable a better collaboration between communities and Law Enforcement Agencies (LEAs) to prevent and reduce crime. Innovative processes are in place and have been tested to provide early warning and share information with citizens while inviting them to actively collaborate in reporting...

Artificial intelligence and big data analytics have the potential to add greatly to the benefits of information and communication technologies, but they can also have undesirable impacts on ethics and human rights. Privacy and data protection are the most obvious issues, but they are far from...

Trilateral Research joins law enforcement agencies, technology and information systems companies and other research institutions from several EU countries in the newly launched, EU-funded COPKIT project, for a game-changing initiative to combat terrorism and organised crime. While organised crime and terrorist (OCT) groups are often at...

Trilateral Research works with other partners, as part of the TITANIUM consortium, at curtailing the illicit use of Bitcoin in the financing of terrorist and illicit activities. Within this area of study, Giuseppe Maio, Research Assistant at Trilateral Research, has developed new research focusing on Bitcoin mining. His latest...

In collaboration with CCARHT (Cambridge Centre for Applied Research in Human Trafficking) and The Zovighian Partnership, we are proud to have co-organised the 2018 CCARTH Counter Trafficking Cambridge Summer Symposium. We will address questions such as: which are the enablers of Modern Slavery and Human trafficking? This...

In this blog, we share insights into the technical areas we often analyse for our clients in the private and public sector for the GDPR implementation, such as: Assessment of data flow, transfer, and sharing Assessment of data storage, retention, and deletion Assessment of access...

The future of drone use is changing. As GDPR enters into force, drone pilots and operators will have to rethink the way they operate. As part of the DroneRules PRO, we are creating a privacy and data protection culture within the European drone industry and will...

“Artificial intelligence and big data analytics bring a variety of benefits to society, but at the same time have the potential to disrupt society, ethical values and human rights, and life as we know it”, says Bernd Stahl, Director of the Centre for Computing and...

Trilateral Research joins law enforcement agencies, national tax authorities and other research institutions from several EU countries in the newly launched, EU-funded PROTAX project, for a concerted and timely initiative to combat tax crime in Europe. The PROTAX consortium is looking for answers to questions like...

Organized crime and terrorist organisations are often at the forefront of technological innovation in planning, executing and concealing their criminal activities and the revenues stemming from them. Trilateral Research has worked in many projects aiming to develop solutions to tackle cybercrime, terrorist activities and understand their...

The idea that digital transformation can have a considerable sustainable impact on the public sector and, consequently on society, it is at the heart of Trilateral Research work. Combining technology development with social science expertise, we investigate how data analytics, artificial intelligence, and new ICT technologies...

Outsourced DPO

See below a list of standard requirements for this service, however we are always available to tailor our services in relation to our clients' needs.

Contact us to discuss further.

Serve as your DPO

Company name and contact details transmitted to the ICO Company name and contact details available to:
  • Management
  • Employees
  • Data subjects
Article reference: 37

Contact point for data subjects

  • Contact data accessible on the websites and privacy notices
  • Function as the main public contact point (email & post)
  • Guide your organisation on the possible sources of data access requests.
Article reference: 38(4)

Contact point for Data Protection Authorities
(e.g. ICO)

Liaise with the ICO in case of issues with data subjects and data breaches.
Article reference: 39(1)(d), 39(1)(e), 36

Ad hoc advice on difficult data protection issues

Written opinions on data protection queries, with an analysis of relevant issues or other relevant legislative elements
Article reference: 39(1)(a)

Regular newsletter to inform and advise on relevant developments and possible challenges in data protection

Newsletter containing the latest regulatory news and compliance guidance, and news concerning conferences and training opportunities
Monthly
Article reference: 39(1)(a)

Annual gap analysis

Audit and gap analysis to map new activities and data-processing practices
Virtual
Article reference: 39(1)(b)

Status discussion (via phone/skype) and report

Discussion and report
Every 6 months
Article reference: 39(1)(b)

Review of the privacy notices

Review of the privacy notices to ensure accuracy and advice on how to improve
Article reference: 39(1)(b)

Provide advice to the client organisation on how to carry on data protection impact assessments (DPIA) and to monitor their performance

We provide advice on:
  • Whether to carry out a DPIA
  • The best methodology to follow
  • Whether to carry out the DPIA in-house or to outsource it depending on the complexity
  • What safeguards (including technical and organisational measures) to apply to mitigate any risks to the rights and interests of the data subjects
  • Whether the DPIA has been correctly carried out and whether its conclusions are in compliance with the GDPR
Article reference: 39(1)(c)

Oversee the establishment and maintenance of the Record of Processing Activities

  • Contact point for the designated employee
  • Guidance on the Record, including provision of check-lists, best practices, and methodological advice
Article reference: 39

Provide guidance on data breach handling and reporting

  • Contact point for the responsible person
  • Contact point for the ICO
  • Advice on best practices for handling data breaches, including notification requirements, reporting and identification of measures to limit damage
Article reference: 33(3)(b)

Monitor the data-protection-training activities and advise on their necessity

  • Inclusion of a chapter on training in the status reports
  • Provision of news and updates on relevant conferences and training courses (newsletter)
  • Provision of training materials, where appropriate
Article reference: 39(1)(b)

Email and telephone assistance

-
Article reference: -

Bespoke notifications to management on critical legislative, judicial, or policy developments that may impact your business

Email notification with explanation of the development and a preliminary overview of the impact on the organisation
Article reference: 39(1)(a)

Training seminar on the developments of data protection law and policy

-
Article reference: -

Review of the consistency of the internal documents concerning data processing practices

Cross-check of the consistency of the internal documents
Article reference: 39(1)(b)

Weekend and holidays data breach guidance

Data breach guidance during the weekends and holidays
Article reference: -

DPO Assist

See below a list of standard requirements for this service, however we are always available to tailor our services in relation to our clients' needs.

Contact us to discuss further.

Ad hoc advice on difficult data protection issues

Written opinions on data protection queries, with an analysis of relevant issues or other relevant legislative elements
Article reference: 39(1)(a)

Regular newsletter to inform and advise on relevant developments and possible challenges in data protection

Newsletter containing the latest regulatory news and compliance guidance, and news concerning conferences and training opportunities.
Monthly
Article reference: 39(1)(a)

Annual gap analysis

Audit and gap analysis to map new activities and data-processing practices
Virtual
Article reference: 39(1)(b)

Status discussion (via phone/skype) and report

Discussion and report
Annually
Article reference: 39(1)(b)

Review of the privacy notices

Review of the privacy notices to ensure accuracy and advice on how to improve.
Article reference: 39(1)(b)

Provide advice to the client organisation on how to carry on data protection impact assessments (DPIA) and to monitor their performance

We provide advice on:
  • Whether to carry out a DPIA
  • The best methodology to follow
  • Whether to carry out the DPIA in-house or to outsource it depending on the complexity
  • What safeguards (including technical and organisational measures) to apply to mitigate any risks to the rights and interests of the data subjects
  • Whether the DPIA has been correctly carried out and whether its conclusions are in compliance with the GDPR
Article reference: 39(1)(c)

Provide guidance on data breach handling and reporting

  • Contact point for the responsible person
  • Advice on best practices for handling data breaches, including notification requirements, reporting and identification of measures to limit damage
Article reference: 33(3)(b)

Monitor the data-protection-training activities and advise on their necessity

  • Inclusion of a chapter on training in the status reports
  • Provision of news and updates on relevant conferences and training courses (newsletter)
  • Provision of training materials, where appropriate
Article reference: 39(1)(b)

Email abd telephone assistance

-
Article reference: -

Bespoke notifications to the top management on critical legislative, judicial, or policy developments that may impact your business

Email notification with explanation of the development and a preliminary overview of the impact on the organisation
Article reference: 39(1)(a)

Compliance Support

See below a list of standard requirements for this service, however we are always available to tailor our services in relation to our clients' needs.

Contact us to discuss further.

Data Mapping

Map the data flows within your organisation to better understand how personal information flows between departments

Data Protection Impact Assessments

Where required by the GDPR or national law, conduct or review DPIAs using our library of good practices
Article reference: 35

Consent and Privacy Notice Requirements

Revise and improve consent and privacy notices to meet transparency and accoutnability requirements

Gap Analysis

Identify gaps in your organisation's compliance with the GDPR, national data protection legislation or sectoral legislation

Data Protection Audit

Audit your organisation's activities to assess your compliance with applicable data protection law

Data Protection-by-design and -default

Work with your technical and admin teams to operationalise Data Protection-by-design and -default, using established good practice
Article reference: 25

Training

We offer general, role-based (e.g., HR) and activity based (e.g., DPIA) training. All our training materials are designed to be accessible to non-experts and easy to use

General compliance support

Support for creating required documentation, including, but not limited to Records of Processing activities, Data retention (and deletion) schedules, Personal Data Breach procedures, Subject Access Request procedures, Training materials, Legitimate Interest Assessments, etc.)