ResourceCenter

This report, prepared for the Centre for Information Policy Leadership, provides perspective on how the ePrivacy Regulation may affect the design of digital services. It goes on to explain why design should be harnessed to both inform policy and create digital services that take into account user ne...

The aim of this publication, produced by the Centre for Information Policy Leadership, is to stimulate discussion about how Data Protection Authorities can maximize their effectiveness in the modern information age. (September 2017)View PDF (1.08 MB)...

Produced by the U.K. Information Commissioner's Office, this interactive tool gives tailored guidance on which lawful basis is likely to be most appropriate for your processing activities. It will give a rating for each lawful basis based on answers to key questions, with suggested actions and links...

This document, published by the National Institute of Standards and Technology, focuses on using business drivers to guide cybersecurity activities and considering cybersecurity risks as part of an organization’s risk management processes. The framework consists of three parts: the framework core, t...

The French data protection authority, the CNIL, published this methodology explaining how to carry out a data protection impact assessment, also commonly referred to as a privacy impact assessment.View PDF (513 KB)...