Throughout May, our hosts, Jasmine Harrison, Joe Kirk and Philip Brining, led lively discussions on individual rights, SARs, the DPDI Bill, cookie compliance and AI. 

We’ve covered a lot this month, so you’ll have plenty to sink your teeth into. Below, we outline the key takeaways from every episode. 

Data Protection Made Easy: May’s Rundown 

Episode 167: Exploring Individual Rights & Subject Access Requests

The UK GDPR sets out 8 data subject rights to ensure our personal data is handled compliantly and safely. Whether it’s the right to rectification or to restrict processing, these individual rights must be obeyed no matter the size of your business. 

In this discussion, we assessed these data subject rights, focusing specifically on the ‘right of access.’ When an individual exercises this, it becomes a Subject Access Request (SAR).

We outlined what’s involved in SAR (or ‘DSAR’) and how to respond appropriately. There are many factors to consider, from the data format to the 30-day response deadline. 

This episode has a lot of helpful guidance, especially if you’ve recently submitted or received a subject access request. Listen to episode 167 to understand more about your rights. 

SARs Made Easy

Need help handling a subject access request? Our SAR support service will streamline the time and resources required to complete one. 

In May, we announced we were upgrading our SAR services. We’ve recently upgraded our SAR software with advanced OCR, indexing and deduplication algorithms. These features make data collection quicker, saving time on subject access requests. 

We’ve also improved the user interface and updated our pricing for uploading data and SAR support. You can read more about these updates in our blog. 

Episode 168: Cookie Compliance – Cracking the Code

In episode 168, our hosts unpack the main regulations around cookie compliance: Foreign Intelligence Surveillance Act (FISA), Investigation Powers Act (IPA) and Privacy and Electronic Communications Regulations (PECR). 

Every website has cookies, signalled by a banner asking web visitors to accept or decline them when they arrive. While the IPA and FISA grant surveillance power to the UK and US governments, the PECR focuses on how (any) websites need to ensure compliance.

This episode equips you with the latest information about cookie compliance and how to maintain user privacy with explicit cookie consent. Listen to episode 168 now. 

Episode 169: The DPDI Bill’s Impact on Individual Rights

The Data Protection and Digital Information (DPDI) Bill remains a pressing topic amongst our hosts and growing community of listeners.

In part one (episode 163), we assessed whether this Bill risks compromising the core of the UK GDPR. Several reforms have been proposed, including replacing RoPAs and DPOs and redefining what is classed as personal data. Get the full list of proposed changes in our UK GDPR vs DPDI Bill guide. 

We explored further whether the DPDI Bill impacts individual rights and whether it will address current exemptions that fall within the UK GPDR. Tune into episode 169 to hear our full discussion of the DPDI Bill. 

Episode 170: Data Breach Drama

Heard of the hit Netflix show ‘Baby Reindeer’? Well, Netflix and the producer, and main actor, Richard Gadd, may face a lawsuit. Fiona Harvey, the ‘real-life Martha’, wants to sue Gadd and Netflix for their ‘defamatory’ depiction and exploitation of her personal data.    

Artistic licence allows creators to use real-life events as inspiration for their work. For Gadd, it focused on his real-life encounters with a stalker. Using countless examples of personal data, like emails, texts and voice messages, Gadd was able to form a clear portrayal of Fiona Harvey’s assault against him.  

In this podcast, we discuss how creative freedom and individual rights must be carefully balanced to ensure UK GDPR compliance. Hear more about our thoughts on the ethics of storytelling in episode 170. 

Episode 171: AI and Its Impact on Privacy

We invited our special guest, Rebecca Balebako, a privacy engineer, back to our podcast to discuss how AI can both threaten and enhance data privacy. 

There are no AI regulations in the UK as of yet, but change is already underway in Europe (the EU AI Act) and afar. Despite these absences, there are ways to develop and use AI in line with existing data privacy requirements. 

Listen to Rebecca and our hosts about AI and data protection now. 

Join the Data Protection Made Easy Community 

Subscribe to the award-winning Data Protection Made Easy podcast for the latest news and insights on data privacy and cyber security. You can listen on Spotify, Apple, Deezer, or directly in our Resource Centre.  

View our incoming podcasts in June’s episode rundown.