New technologies are not inherently ethically good or bad; they can both enhance or violate fundamental rights and values and their use can have far-reaching consequences. This is especially apparent in the medical and health sectors. The rapid development of new technologies deployed in this sector...

The current response to the Coronavirus is making massive changes to all our lives, but it’s also accelerating various existing trends. One of these has been to move education online, due to the closure or suspension of schools and universities. Educators have had to move incredibly...

As of today, the coronavirus COVID-19 is affecting 124 Countries and territories around the globe, calling governments and businesses worldwide to face an emergency situation that might continue for longer than expected. During these troubled times, with the perspective of a global health crisis ahead,...

The Council of Europe (CoE) in 2006 launched a Data Protection Day to be celebrated each year on 28th January, the date on which the CoE’s data protection convention, known as “Convention 108” was signed. The day, known as Data Protection Day in Europe, is...

We are delighted to introduce the STAR GDPR training material. As a result of the collaboration between the Law, Science, Technology & Society research group at VUB (https://lsts.research.vub.be/), the Hungarian data protection authority NAIH (https://naih.hu/) and Trilateral Research, as part of the EC funded project STAR,...

In this article, we look at what it means to be GDPR compliant and the benefits of doing so. Referring to the latest study carried out by the European project STAR II, Trilateral Research’s Data Protection Consultant Kai Matturi investigates the impact surrounding SMEs not...

Trilateral’s DroneRules PRO materials on privacy and data protection have been included in official European Aviation Safety Agency Guidance to assist the drone industry to comply with the new EU wide drone Regulations and the General Data Protection Regulation (GDPR). In 2018 the European Aviation Safety...

A recent article by Boston Consulting Group outlined how organisations should assess cybersecurity risks in order to target spending on the risks most likely to have a significant financial impact. It noted that cybersecurity attacks and cybersecurity spending are on the rise with the latter...

On 25 September 2019, Trilateral conducted, in cooperation with RoboAcademy, a DroneRules PRO training session at the Faculty of Aerospace Engineering TU Delft in the Netherlands. This was the final in a series of workshops that brought together more than 90 drone stakeholders in 6...

Trilateral has worked with DPAs, academics and business to develop a set of freely available GDPR training materials which will be presented in this month's project final conference in Brussels and Tirana. In this article, David Barnard-Wills, Research Manager at Trilateral Research, presents the  DPAs’ approach to training in countries...

It is over a year now since the General Data Protection Regulation (GDPR) came into force throughout the EU and the STAR II project has also been designed to understand how small and medium enterprises (SMEs) have experienced the GDPR during this period. To find out...

The new world economy relies on data-driven technologies and systems. Data is knowledge and innovation, ensuring scientific progress. There is a strong debate on whether the new General Data Protection Regulation (GDPR) constitutes an enabler or hindrance for scientific research. Although the focus has been...

Data Protection Authorities including the ICO and the Irish Data Protection Commission have recently released updated cookie guidance and CNIL, the French Data Protection Authority, have released updated guidelines, repealing their 2013 guidelines which suggested that a valid form of consent to cookies included the...

In a historic move, the Danish Data Protection Authority, Datatilsynet has recommended its first fine under the GDPR regime for taxi company Taxa4x35 for its failure to adhere to principles of data minimisation and a failure to properly anonymise personal data. Organisations who wish to avoid...

A recent editorial (March 2019) and article (Jan 2019) in the British Medical Journal have focused on how medical mobile apps, currently a booming market, routinely share users’ data. Given the purpose of these mobile applications and the fact that their use is sometimes suggested to patients...

Due to their manoeuvrability, varying designs and sizes, as well as the vast array of hardware and software capabilities they could be equipped with, drones have found widespread applications in fields spanning cinematography, insurance valuations, construction project planning, real estate sales and infrastructure inspections among...

Many organisations have already recognised the need to appoint specialist personnel to ensure they are meeting their obligations in relation to the protection of personal data. For example, the General Data Protection Regulation (GDPR) requires many types of organisations to appoint a Data Protection Officer...

The French Supervisory Authority, Commission nationale de l'informatique et des libertés (CNIL) has issued Google LLC with a €50m (£44m) fine following an investigation into their advertisement personalisation purposes. This marks the first occasion Google has been fined under the EU General Data Protection Regulation...

The General Data Protection Regulation (GDPR) creates a new role called a Data Protection Officer which assists a data controller or processor to monitor their internal compliance. Although not every organisation requires a Data Protection Officer (DPO), the GDPR provides that the DPO may be an...

To mark Data Protection Day, Trilateral has produced a special article that examines how the General Data Protection Regulation (GDPR) changes the rules for research. The GDPR adopts a “broad” definition of research, encompassing the activities of public and private entities alike (Recital 159). Research occupies...

For companies and individuals that work in the area of data privacy, it is fair to say that 2018 was the year of privacy. In May, Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR), the world's most stringent privacy law, came into effect. The...

In this blog, Benjamin Falk, co-founder of Yo-Da, outlines the current market landscape for personal data and provides insights on how data protection law will drive enormous socioeconomic benefits, bringing Europe in the lead of the international race for artificial intelligence supremacy. I attended the GovTech Summit in...

The Data Protection Supervisory Authorities (DPAs) of 22 Member States of the European Union (EU), recently submitted draft lists to the European Data Protection Board (EDPB). These lists identified data processing activities likely to result in a high risk to the rights and freedoms of...

In their November 2018 plenary meeting, the European Data Protection Board (EDPB) adopted a set of guidelines on the territorial scope of application of Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR). Article 3 GDPR, which regulates the matter, surprised subject matters experts for its potential reach,...

This article outlines the Data Protection Impact Assessment (DPIA) requirements regarding CCTV cameras by drawing on the DPIA template issued by the UK Surveillance Camera Commissioner (SCC) on 22 October 2018. The SCC is responsible for promoting compliance with the surveillance camera code of practice (the Code)...

We are delighted to announce that Trilateral Research has been designated to serve as the Data Protection Officer for the Wise Group, a leading social enterprise, which transforms people’s lives across Scotland and North East England. As DPO, Trilateral will assist the Wise Group on creating...

We are pleased to announce that Trilateral Research has been designated to serve as the Data Protection Officer for the Housing Agency in Ireland. Trilateral Research DPO service grows out of our pioneering work in safeguarding privacy and the protection of personal data within the public...

‘Risk Assessment Report and Methodology’

You can view the Executive Summary and Table of contents of the Project Solebay Risk Assessment Methodology Report.

Please sign up to the Solebay mailing list to download the Full Solebay project report.