Protecting personal data when using blockchain technology is tricky, may be full of surprises, and cumbersome. According to the European Data Protection Board opinion, which this assessment and advice is inspired with, the inherent characteristics of blockchain—like immutability or decentralisation—pose serious compliance issues with the General Data Protection Read More
Pseudonymisation is a technical and organisational measure and a data protection measure under the GDPR. It is a risk-reduction measure that minimizes the likelihood and impact of data protection breaches. It allows for controlled re-identification through stored additional information (secret information). Unlike anonymisation, which irreversibly removes the ability to link Read More
Are risks related to the processing of personal data, as referenced in the GDPR, fixed and exhaustive? They are not. The regulation provides a non-exhaustive list of risks solely as a foundation for protecting fundamental rights. Administrators must assess and address additional, context-specific risks beyond those explicitly listed. This requires Read More
TLS is the fundamental protocol facilitating secure web browsing. Simply speaking it identifies the server identity and establishes an encrypted connection. That’s how we may securely use banking, do shopping, and do other things we take for granted. Establishing such a connection comes with a performance footprint because computation Read More
I track the Privacy Sandbox migration process since it's day 1 announcement. Having written some notes about architectural aspects, initial assessments, including identification of data leaks, When analysing the proposals and imagining the future system, I realised that there's a need to somehow guide the future Read More
Data protection assessment of Privacy Sandbox's Protected Audience API. It can be deployed and designed in compliance with GDPR. Read More
Some time ago I wrote about “how GDPR fines work”, be calculated, including what technical aspects may be considered during such a calculation, the article is here, and it is quite a case study. It’s still good and all, but this time, finally, EU data protection authorities agreed on Read More
Privacy and data protection assessment of the eID Regulation. This assessment is prepared in response to a request by the LIBE Secretariat in the name of the MEP Cristian Terhes (rapporteur of eID file; requested on 19.01.2022). The focus of this assessment is data protection and privacy. Although Read More
Technology platforms create technologies with significant impacts on nations, governments, and societies. This impact is increasing, reaching new heights. Many feel that the rules of the game are unclear, insufficient, or non-existent. Without rules, one only wonders who would set out the road to the future. In other words, does Read More
Quantum computers benefit from special effects like the quantum superposition and quantum interference to perform computation outside the reach to to classical computers, and attaining a speed advantage over classical computers for selected problems. What matters is quantum computers may allow an exponential computing speedup for certain problems. This speedup Read More
Imagine tens of millions of users potentially receiving a popup asking the user to grant permission to be tracked, in September 2020. The striking news emerged from this year’s Apple WWDC conference. Apple will limit the use of the IDFA “tracking identifier”. This identifier allowed advertisers to track the Read More
We live in times of profound technological impacts and accelerating history. Technology is increasingly influencing fundamental aspects of societies. Some technologies have great potential but their impact in the long term is difficult to imagine in advance by most. My background is compounded. I have experience in security engineering, walked Read More