20 March 2026 Intro Under Article 17 GDPR, individuals have the right to request erasure of their data (right to be forgotten).  This right  is not absolute, for example the data controller needs to retain the data to comply with a legal obligation or the data controller requires the data for the purpose of a legal claim.  The European Data Protection Board (EDPB) selected the topic ‘Implementation of the right to erasure by controllers’ for its 2025 Coordinated Enforcement

'Artificial Intelligence integration into Legal Practices' 23 February 2026 It was a real delight for our founder and director to participate in the 25th UCC Annual Law Society Conference. With the topic: AI integration into Legal Practices: Strategic Transformation of Legal Operations, Improved Efficiency and Enhanced Decision-Making, there was a lot to cover. While the surrounds were beautiful, the discussions were varied, relevant and leading to lots more discussions and q

25 February 2026 EDPB’s 2026 enforcement focus means it’s time to revisit your privacy notices—AI use included Intro In October 2025, the European Data Protection Board (EDPB) announced that transparency and information obligations under Articles 12–14 GDPR will be the focus of its 2026 Coordinated Enforcement Action (CEA). This means Data Protection Authorities (DPAs) across Europe will be examining how well organisations explain their processing activities to individuals. W

Data Protection and AI 9 January 2026 What a great start to the New Year. I really enjoyed participating in the panel session on Data Protection and AI  at the Law Society's Future of Legal Practice Summit.  2026 did not wait long for AI, data protection, human rights and the impact of AI tools to be front and centre.  Decisions made this year in terms of legislation and regulatory frameworks will impact society for years to come. It is time to get it right. For any queries o

5 Jan 2026 As I start year two of my membership on the IAPP Training Advisory Board AI Governance, it is great to see the impact of my contribution in a fast evolving and complex area, which will no doubt continue at speed this year.

4 December 2025 What a lovely venue for the Law Society Skillnet Practice and Regulation Symposium. Delighted to be speaking on data protection updates and the expected rollercoaster that 2026 will bring

9 November 2025 Managing data breaches in the ‘silly season’ Halloween has passed and the countdown to Christmas has begun, with only 6 full working weeks remaining before many people turn off their laptops.   This period before Christmas holidays can be intense. There is pressure to deliver projects and close out work before logging off, including social occasions, children’s concerts and prep for the big day. The frantic pace leads to rushed decision-making, multitasking to

2 October 2025 While many of us were enjoying summer holidays, a short but mighty Statutory Instrument (SI) was introduced. To give it...

2 October 2025 Yet another reminder from a supervisory authority of the importance of vendor due diligence. The Polish Supervisory...

16 September 2025 Today, the Department of Enterprise, Trade and Employment a nnounced in its own words ‘ Landmark Progress in AI Act...

11 September 2025 Noteworthy decision from the Greek Supervisory authority who fined both the data controller and data processor arising...

10 September 2025 How to improve the DPA process Introduction While we are 7 years into DPAs being a requirement for both processors and...

2 August 2025 Summertime milestone leaves no time for novels by the beach Intro 2 August (while Irish people enjoy the August bank...

July 2025 Being a Data Protection Officer (DPO) is no easy task, and there have been many learnings and challenges during the last seven...