5 Essential Data Protection Resources

Published on Apr 28, 2022

Attending a certified training course and passing the exam to gain an independent qualification is one of the most effective ways to enhance your career. In addition to gaining new skills and knowledge, your confidence will grow as your productivity increases, which in turn will impact how others perceive you, leading to greater recognition, authority, and rewards for your efforts.

While professional certifications are essential for learning and development, any experienced practitioner will tell you that the pursuit of knowledge is a lifelong commitment. In fact, continuous professional development is the key to a long and successful career.

When it comes to topping up your post-training knowledge, there are several online resources privacy professionals and other governance, risk and compliance practitioners should monitor to stay informed. Below, we have compiled our top five resources that provide the most comprehensive and accurate information.

And best of all, they are free.

1. The Information Commissioners Office (ICO)

The ICO is a non-department public body and the independent UK regulator for data protection (and, more broadly, information rights).

As well as its supervisory and enforcement functions, the ICO provides a wealth of free information regarding data protection and privacy, including guidance materials for businesses, advice lines, and statistical analysis of market trends. There is also a regularly updated blog. This abundance of information makes the ICO one of, if not the most, essential privacy resources available to businesses, charities, and public bodies who process UK personal data.

We have created a section on our resource page containing a selection of the most relevant links for organisations on the ICO website.

2. The European Data Protection Board (EDPB) and Member State Data Protection Authorities (DPAs)

Even though the UK has left the European Union, our laws are currently still closely aligned. And even if they change, as the government has indicated it intends to do, organisations operating within the EU or processing EU citizens' personal data from their UK locations still have to adhere to their rules. This makes the EDPB of a similar level of importance to the ICO in terms of the rulings they make along with the advice

and guidance they issue. At a national level, Member State DPAs issue rulings to businesses operating across the EU and the UK. So, while EDPB or DPA rulings may not immediately be enforceable in the UK, they are still noteworthy.

The EDPB also provides information regarding the adequacy agreement, which is an acknowledgement that UK privacy laws provide an 'essentially equivalent' level of protection to that which exists in the EU. The EU agreed UK adequacy is invaluable to businesses who process personal data relating to EU citizens, which involves the transferal of data from the EU to the UK.

Similar to our dedicated ICO section, we have added a selection of relevant links to EU institutions for organisations on our resource page.

3. The International Association of Privacy Professionals (IAPP)

The IAPP is a community of privacy professionals with over 70,000 members. Established in 2000, the IAPP is a not-for-profit organisation whose stated aims are to define, support, and improve the burgeoning privacy profession around the world. The IAPP brings people together from every background, including legal experts, day-to-day compliance practitioners, and technical privacy engineers, providing them with the tools and information management practices required to succeed in today's rapidly evolving digital economy. The IAPP provides a wealth of free resources grouped by region and topic, including expert analysis, reports, surveys, and original reporting.

For its members, the IAPP provides a resource centre with a range of tools to simplify the various tasks associated with privacy management. In addition, the IAPP also runs various in-person conferences all over the world (including several in Europe and one in the UK) along with regular online events, featuring highly regarded speakers, breakout sessions, networking sessions, workshops, and training groups.

4. NOYB – European Center for Digital Rights

NOYB, which stands for none of your business, was started by Max Schrems, an Austrian privacy campaigner and author. Max Schrems is best known for filing a complaint to the Irish Data Protection Commission against Facebook Ireland, which led to the Court of Justice of the European Union's (CJEU) invalidation of the Safe Harbour data-transfer agreement between the EU and the US (Schrems I). Max Schrems later amended his complaint against Facebook Ireland after the company switched its transfer mechanism to standard contractual clauses (SCCs), which eventually ended with the CJEU striking down the EU-US Privacy Shield Framework and placing additional requirements for companies using SCCs to third countries outside the EU (Schrems II).

NOYB was formed to bring strategic legal cases and raise the media profile of the GDPR. In terms of free resources, NOYB provides a helpful weekly email aptly named GDPRtoday, which summarises recent GDPR decisions from relevant data protection authorities and the Courts. This is essential reading for privacy professionals.

A second NOYB resource, GDPRhub, allows anyone to search and share GDPR insights from across Europe. The content on GDPRhub is divided into two databases focusing on decisions and knowledge.

5. Freevacy – Privacy Newsfeed and online archive

The fifth essential privacy resource is our very own privacy newsfeed. We started the privacy newsfeed in 2017 as a weekly newsletter of curated articles to ensure our trainers remain on top of the latest industry news and developments with content that has relevance in the UK.

Five years later, the privacy newsfeed is available as a weekly email, daily Twitter updates and a searchable online archive that is trusted by thousands of users. It allows privacy professionals to stay up-to-date on case law decisions, policy updates, new guidance materials, enforcement action, and other regulatory notices or industry news.

The privacy newsfeed monitors over 300 global publications, of which more than 2,500 summary articles have been posted to the online archive dating back to the beginning of 2020. Summary articles can relate to a single piece of original content or several related articles about a common topic or thread. Although designed to help privacy professionals stay informed of current industry news, the online archive provides a simple interface to access historic issues or events. You can find articles through the inbuilt search facility, tags, advanced filters, or detailed links within the summary articles.

Final words

When combined with professional data protection and privacy training, the websites mentioned above provide invaluable and accurate resources to enable you to keep up-to-date with the latest developments from around the world.

Pro tip: If staying informed is important, but your time is limited, we recommend signing up to receive the GDPRtoday newsletter from NOYB and the Privacy Newsfeed weekly roundup from Freevacy. When combined, these two weekly newsletters cover a broad spectrum of privacy-related news and events with only limited overlap. Each resource offers unique content that is not available within the other to ensure you stay on top of your game.

To find out more about data protection and privacy law training, please email us at contact@freevacy.com or call 0370 04 27701.

Click your chosen course below to see our next available courses dates

Freevacy has been shortlisted in the Best Educator category.
The PICCASO Privacy Awards recognise the people making an outstanding contribution to this dynamic and fast-growing sector.