Yesterday and today I have had the privilege of training the Data Protection Authority of Rwanda. We had very interesting discussions at the core of matter, e.g., on the the concept of personal data, on anonymisation, pseudonymisation, tokenisation and encryption, the operationalisation of the risk-based approach, etc. The new Rwandan law relating to the protection of personal data and privacy is strongly based on the GDPR; I look forward to seeing how organisations will comply with the new legislation by 13 October 2023, as well as how the Authority will build on European experience and stimulate a respectful data driven economy and society!

Read more here.