Brief Encounters: an open letter to lawyers
In which I combine exasperation with well-meant advice, on the topic of lawyers who aren’t data protection experts but give data protection advice nonetheless
Tools
A slightly sweary but kindly-intended open letter to the information security profession on the topic of data protection
10 Legitimate Interests Lessons for Marketers
What marketers need to know about ‘legitimate interests’ but everyone else is too polite to say
Bad Privacy Notice Bingo!
In which I create and snark about a bingo card of my pet privacy policy peeves.
I’m a muse|amused
I’m flattered to have inspired this satirical video guide by the great Javvad Malik, although I’m a bit worried that people might take it seriously….
Consent or not consent?
A decision tree for working out when consent is the right lawful basis for processing
Verelox, insider threat and GDPR implications
An incident isn’t necessarily a breach, a breach isn’t necessarily an avoidance breach, and it’s not always a notifiable one either. The post is less confusing than this excerpt, I promise.
What the GDPR does – and doesn’t – say about consent
A briefing on consent, the most misunderstood and misused part of the GDPR. What the law really says.
GDPRubbish
Some GDPR myths keep coming back like zombies. Here are some of the worst