• All
  • Data Science
  • News
  • Privacy
  • Research Highlights
  • Security

In this interview with Philipp Amann, Head of Strategy of Europol’s European Cybercrime Centre, we discuss an approach to organisational cybersecurity and cyber resilience that underlines, among other things, the need for prevention and awareness as well as a holistic view of the threats and...

This article recommends best practice when Data Protection Officers (DPOs) go on leave for holiday or any other reason....

The article reviews a recent Irish court ruling on the use of CCTV recordings for disciplinary proceedings and provides practical advice on how to avoid similar legal disputes....

The article reviews new guidance by the European Data Protection Board (EDPB) on building GDPR compliant consent mechanisms....

In the course of their activities, employees are often tasked with handling and managing personal data of colleagues, contractors or the public. Employees are then responsible for complying with data protection law on behalf of the employer, who is the data controller or processor. Whereas...

The Irish Data Protection Commission (DPC) has issued a guidance note on cookies and other tracking technologies. This guidance accompanies the release of a report outlining the results of a cookie sweep conducted on 40 website operators. It is the most significant and detailed guidance...

Responding to subject access requests can present a variety of challenges for data controllers. In particular, managing such requests on behalf of children without clear precedent can prove to be challenging. The rights of the child are covered in part within the text of Regulation...

Flexible working arrangements have been a growing trend in recent years, allowing staff to balance office life and the daily commute with working from home. In some cases, organisations have developed a fully remote workforce. This has been possible because the technology and tools that...

The COVID-19 crisis is hopefully a once in a hundred years event. As we are asked to self-isolate and reduce face to face interactions, many organisations are dusting off and implementing their business continuity plans. Business Continuity Plans, if written, are rarely reviewed, never mind...

On February 20th, Ireland’s Data Protection Commission (DPC) published their annual report covering the first full year of GDPR. This report sets out the areas of focus and activities carried out by the DPC between 1 January 2019 – 31 December 2019. The vast spectrum of...

As of today, the coronavirus COVID-19 is affecting 124 Countries and territories around the globe, calling governments and businesses worldwide to face an emergency situation that might continue for longer than expected. During these troubled times, with the perspective of a global health crisis ahead,...

The digitalisation of the public sector and its information assets has reduced the barriers and boosted synergies in the public domain. Public authorities, now more innovative and digitalised than ever, are looking into strong synergies to better perform their tasks and execute the administrative roles...

Phishing attacks are one of the biggest threats to both individual and organisational privacy and security. A 2019 Cyber Breaches Survey published by the UK Government notes that 80% of cyber breaches are a result of a phishing attack. User training is often a key...

In February of this year, the Data Protection Commission (DPC) released guidance on attendee lists and the fact that some organisations are refusing to release such lists on the basis of the GDPR. The DPC’s guidance makes clear that the GDPR does not forbid releasing...

In a recent blog post the Spanish Data Protection Agency (AEPD) released some guidance on data protection and the use of encryption. This article is not going to be a technical exploration of the tools available, for a technical review please see this previous article....

Regulation (EU) 2016/679 (GDPR), has been criticised for being overly burdensome and disproportionally prescriptive for organisations, especially where data is the enabler for providing services and products. Whereas the GDPR has set high compliance standards, organisational compliance is rather scalable and proportionate to the role...

A presentation by the Chief Executive of Dublin Bus titled “Energy and Carbon: The Race to Zero” was recently shared widely on LinkedIn.  In it, Ray Coyne, the CEO of the public transport system set out his vision for the “sustainable Dublin of the future”...

Just before the advent of 2020, the Advocate General (AG) of the Court of Justice of the European Union (CJEU) rendered his 70-page Opinion on the Schrems II case. This followed the finding of the CJEU in Schrems that the Safe Harbor, i.e., the data...

The Council of Europe (CoE) in 2006 launched a Data Protection Day to be celebrated each year on 28th January, the date on which the CoE’s data protection convention, known as “Convention 108” was signed. The day, known as Data Protection Day in Europe, is...

As employers, managers need to be aware of their employees’ right to a reasonable expectation of privacy in the workplace, but what does this mean on the ground? Many employers still need additional support to recognise the scope of this obligation and implement adequate controls...

‘Risk Assessment Report and Methodology’

You can view the Executive Summary and Table of contents of the Project Solebay Risk Assessment Methodology Report.

Please sign up to the Solebay mailing list to download the Full Solebay project report.