Are risks related to the processing of personal data, as referenced in the GDPR, fixed and exhaustive? They are not. The regulation provides a non-exhaustive list of risks solely as a foundation for protecting fundamental rights. Administrators must assess and address additional, context-specific risks beyond those explicitly listed. This requires…
Read more
TLS is the fundamental protocol facilitating secure web browsing. Simply speaking it identifies the server identity and establishes an encrypted connection. That’s how we may securely use banking, do shopping, and do other things we take for granted. Establishing such a connection comes with a performance footprint because computation…
Read more
I track the Privacy Sandbox migration process since it's day 1 announcement. Having written some notes about architectural aspects, initial assessments, including identification of data leaks,
When analysing the proposals and imagining the future system, I realised that there's a need to somehow guide the future maintanance or development. So…
Read more
Data protection assessment of Privacy Sandbox's Protected Audience API. It can be deployed and designed in compliance with GDPR.…
Read more
Some time ago I wrote about “how GDPR fines work”, be calculated, including what technical aspects may be considered during such a calculation, the article is here, and it is quite a case study. It’s still good and all, but this time, finally, EU data protection authorities agreed on…
Read more