In which I combine exasperation with well-meant advice, on the topic of lawyers who aren’t data protection experts but give data protection advice nonetheless
A slightly sweary but kindly-intended open letter to the information security profession on the topic of data protection
What marketers need to know about ‘legitimate interests’ but everyone else is too polite to say
I’m flattered to have inspired this satirical video guide by the great Javvad Malik, although I’m a bit worried that people might take it seriously….
A decision tree for working out when consent is the right lawful basis for processing
An incident isn’t necessarily a breach, a breach isn’t necessarily an avoidance breach, and it’s not always a notifiable one either. The post is less confusing than this excerpt, I promise.
A briefing on consent, the most misunderstood and misused part of the GDPR. What the law really says.
Some GDPR myths keep coming back like zombies. Here are some of the worst