Today is Data Protection Day, the day when we celebrate the anniversary of Convention 108 opening for signature. Convention 108 is the first legally binding international law aiming to ensure that the fundamental rights of individuals are respected in the context of personal data processing activities. Each year when January 28th comes around, I ask ...
Are the GEDI Group’s cookie banners compliant with the GDPR?
In recent weeks, cookies have received a great deal of attention in Italy after Italian media conglomerate, GEDI Gruppo Editoriale S.p.A., implemented new cookie banners across a number of its websites (e.g., La Repubblica, La Stampa, Huffpost, Il Secolo XIX). GEDI is not alone, however, as other major Italian newspapers such as Corriere della Sera, ...
Serious Privacy Podcast appearance – “The fourth leg of ESG: a Privacy Framework”
I recently had the pleasure of being interviewed by Paul Breitbarth of Catawiki and Dr. K Royal of Outschool for the Serious Privacy podcast, check out the episode here! During the podcast we discuss my research on the topic of Data Protection as a Corporate Social Responsibility which aims to improve data protection and data security for a ...
Celebrating 11 years of ICTLC!
After 11 years, we are more motivated than ever to continue improving, determined to achieve ambitious goals, even more curious, and ready to push our boundaries! The enthusiasm of our colleagues is growing as we enter a phase of greater maturity, self-consciousness, and harmonious international and multidisciplinary expansion! At our semiannual party, Luca Bolognini and I discussed strategy, ...
Privacy Enhancing Technologies
I just finished a very interesting discussion with Mark Thompson (Director of Research and Insight, IAPP) and William Malcolm, (Director, Privacy Legal, Google) on Future trends in Privacy Enhancing Technologies (PET). During the conference, we discussed the intricacies of Differential Privacy, Federated Learning, Homomorphic Encryption, Synthetic Data, Trusted Enclaves, and the Privacy Sandbox, etc. But you may be ...
Happy Birthday, GDPR! Reflections on the potential for sustainable data processing to combat climate change

Each year I celebrate May 25th, the anniversary of the applicability of the General Data Protection Regulation (GDPR), by reflecting on the spirit of the Regulation and taking stock of its relevance in supporting democracy, fundamental rights, and the freedoms we hold so dear. This year, however, my thoughts have concentrated on another incredibly relevant ...
“ADVANCED CYBERSECURITY AND GLOBAL CYBERSECURITY STRATEGY” COURSE WEEK 6: Tutorial #7

Today marks the final tutorial in the “Advanced Cybersecurity and Global Cybersecurity Strategy” course at the European Centre on Privacy and Cybersecurity (ECPC)! The course has truly flown by! Following Mika Lauhde’s lecture on cybersecurity and 5G networks, in today’s tutorial, students will briefly discuss the cybersecurity evolution of 2G, 3G, 4G and LTE networks, also touching on ...
“ADVANCED CYBERSECURITY AND GLOBAL CYBERSECURITY STRATEGY” COURSE WEEK 5: Cybersecurity and Artificial Intelligence

It’s already week 5 of the “Advanced Cybersecurity and Global Cybersecurity Strategy” course at the European Centre on Privacy and Cybersecurity (ECPC)! This afternoon Mika Lauhde will provide our students with a lecture on Cybersecurity and Artificial Intelligence. AI has multiple and diverse roles when it comes to cybersecurity. AI may be used both to compromise organisational security and to ...
ICTLC Ranked Tier 1 by The Legal 500 (Legalease) EMEA for a second consecutive year
I am very proud that ICT Legal Consulting has been included in Tier 1 of the Data Privacy and Data Protection practice area of The Legal 500 (Legalease) EMEA for a second consecutive year! The publication confirms that we “are among the leading experts in the sector”. It furthermore highlights our expertise, dedication, and our “High professionalism, continuous updating ...
New ground-breaking framework for building a sustainable data-driven economy: Data Protection as a Corporate Social Responsibility
I’m extremely pleased that what I first envisioned in 2017 and presented in my inaugural lecture at Maastricht University in 2019 has taken shape – today we have published the first-ever complete CSR framework for data protection aimed at improving privacy and security for a sustainable digital future! The Maastricht University Data Protection as a Corporate Social Responsibility Framework (UM-DPCSR) is the result of the related research ...
CONNECT