Robert Bateman
Robert is a respected voice on data protection, privacy, and security law. He built his profile creating in-depth reports on legislation, compliance guidance documents for organizations, and news articles about the latest sectoral developments worldwide.
Robert’s passion for privacy and security began while studying for a postgraduate law degree. His dissertation, on the compatibility of the U.K.’s Data Protection Act with the European Convention on Human Rights, won the DMH Stallard Prize for best research project.
Since then, Robert has worked with privacy and security-focused tech firms and startups, creating detailed guidance and policy documents to help organizations comply with their data protection and security compliance obligations.
A passionate advocate for digital rights, Robert has also worked as a journalist reporting on the latest developments in digital privacy, tech policy, and state surveillance.
Throughout his career, Robert has interviewed some of the sector’s most prominent figures such as privacy campaigners Max Schrems and Johnny Ryan, plus representatives from leading NGOs including Privacy International, the Electronic Frontier Foundation (EFF), and European Digital Rights (EDRi).
Contact info
NewsFault in ChatGPT prompts AI privacy concerns
OpenAI’s ChatGPT is once more at the forefront of the data protection conversation following a significant error that occurred on the platform, reports reveal.
FeatureTen Key Considerations to Prevent or Mitigate a Ransomware Attack
If ransomware hits, will you pay the attackers? As tempting as it might be, there are many reasons not to pay.
OpinionFour Unanswered Questions Since the Last Data Protection Day
Data Protection Day comes but once a year—but the fascinating world of privacy and data protection spurts out hard questions all year long. And since 26 January last year, there’s been no shortage of brain teasers for data protection fans to squabble over.
Q&AUK Regulators Are Seeking Your Views on the Evolving Digital Landscape
In the UK, as in virtually every country, regulation of digital services is getting increasingly complicated. It can be hard to keep track of the upcoming changes to data protection, online safety and competition regulation.
OpinionThe IAB’s ‘Action Plan’ Has Been Approved — But Uncertainty Around Online Ads Continues
Last week, the Belgian Data Protection Authority (DPA) approved the Interactive Advertising Bureau (IAB) Europe’s “action plan” for bringing the Transparency and Consent Framework (TCF) into compliance with the General Data Protection Regulation (GDPR).
NewsThis EU Court Case Could Expand the GDPR’s ‘Automated Decision-Making’ Rules
Next Thursday, the Court of Justice of the European Union (CJEU) will hear an important case about “automated decision-making” under the GDPR.
Feature5 New US State Privacy Laws Take Effect in 2023: Are You Covered?
Privacy professionals that work for companies operating in the US should have a busy year. Throughout 2023, the following US state privacy laws take effect…
FeatureIrish DPC to Challenge Fellow Regulators in Court Over ‘Problematic’ Direction
The Irish Data Protection Commission (DPC) released details of investigations into two Meta companies on Wednesday, which will change the way the companies target ads. The decisions conclude complaints that were first lodged in May 2018.
Feature5 Privacy Stories You Might Have Missed Over the Break
Many privacy professionals will be returning to work today after a week or two off. Here are five interesting privacy-related stories you might have missed.
FeaturePICCASO Awards: Quotes From the Winners
The PICCASO Privacy Awards celebrated the people and organisations making a significant contribution to privacy and data protection on December 8th, 2022.
FeatureInformation Commissioner’s Office Releases Guidance on AI: Reducing Bias, Ensuring Privacy and Facilitating Rights Over Automated Decision-Making
AI is advancing fast and is being adopted in numerous everyday contexts, such as recruitment, fraud detection and employee monitoring. While the UK lacks any specific AI-focused regulation, the use of personal data in AI systems is subject to existing rules under the UK General Data Protection Regulation (GDPR).
FeatureAustralia’s Cybersecurity Problem: Is Under-Recruitment to Blame?
Australia suffered two major cyberattacks in October, compromising the personal information of around 14 million people in total. A recent Reuters report suggests that under-recruitment of cybersecurity professionals could be partly to blame.
FeatureIs a State of Crisis the New Normality?
The Institute of Internal Auditors (IIA)’s latest Risk in Focus 2023 report, headed “Navigating the perfect storm of high-impact interlocking risks”, identifies the following top risks to organisations:
FeatureEU Digital Services Act: The Importance of Staying Informed on Upcoming Regulations
With data protection, security and other governance risk and compliance responsibilities growing increasingly complex and demanding, some businesses might not have much time to consider their obligations around content moderation.
FeatureMoney Laundering Fines Against Solicitors’ Firms More Than Tripled Last Year
The Solicitors Regulation Authority (SRA) published its annual anti-money laundering (AML) report this week. Part of the SRA’s role is to ensure solicitors and law firms are meeting their increasingly extensive AML obligations. This year saw a significant increase in the number of investigations resulting in “internal outcomes”, which can include anything from formal advice to rebukes and fines.
FeatureInterserve Fine: Got Internal Security Policies? You’d Better Follow Them
Construction firm Interserve was the latest target of the Information Commissioner’s Office (ICO)’s ongoing enforcement spree, following a 2020 phishing attack that compromised the personal data of up to 113,000 people.
FeatureData Breach Damages For ‘Very Modest’ Distress? In the UK?
Last week, the High Court ordered the Crown Prosecution Service (CPS) to pay £250 in damages to an ex-Conservative council leader who experienced “a very modest degree of distress” following a data breach.
FeatureProfiling and Marketing: Why the ICO’s Latest Fine Against Easylife Matters
The Easylife fine shows how some companies may be engaged in profiling without realising. The decision reminds us of the dangers of carelessly processing health data and demonstrates the important interaction between the GDPR and direct marketing laws.
Feature5 Takeaways From the Basel AML Index 2022: ‘Depressingly Little’ Progress, But Some Grounds for Optimism
The Basel Institute on Governance released its 11th annual Basel AML Index on Tuesday, and the report presents a mixed picture of global attempts to tackle money laundering.
FeatureUS ‘AI Bill of Rights’: Why You Should Care About This Non-Binding Guidance
AI regulation is arguably lagging behind the advancement of technology. But many jurisdictions are developing laws and guidance that will affect how automated systems—which can include anything from HR software to fraud-screening products—are developed and used.