Robert Bateman

Robert is a respected voice on data protection, privacy, and security law. He built his profile creating in-depth reports on legislation, compliance guidance documents for organizations, and news articles about the latest sectoral developments worldwide.

Robert’s passion for privacy and security began while studying for a postgraduate law degree. His dissertation, on the compatibility of the U.K.’s Data Protection Act with the European Convention on Human Rights, won the DMH Stallard Prize for best research project.

Since then, Robert has worked with privacy and security-focused tech firms and startups, creating detailed guidance and policy documents to help organizations comply with their data protection and security compliance obligations.

A passionate advocate for digital rights, Robert has also worked as a journalist reporting on the latest developments in digital privacy, tech policy, and state surveillance.

Throughout his career, Robert has interviewed some of the sector’s most prominent figures such as privacy campaigners Max Schrems and Johnny Ryan, plus representatives from leading NGOs including Privacy International, the Electronic Frontier Foundation (EFF), and European Digital Rights (EDRi).

Contact info

Email:: robert@grcworldforums.com

Feature
Information Commissioner’s Office Releases Guidance on AI: Reducing Bias, Ensuring Privacy and Facilitating Rights Over Automated Decision-Making
2022-11-08T12:27:00
AI is advancing fast and is being adopted in numerous everyday contexts, such as recruitment, fraud detection and employee monitoring. While the UK lacks any specific AI-focused regulation, the use of personal data in AI systems is subject to existing rules under the UK General Data Protection Regulation (GDPR).
Feature
Australia’s Cybersecurity Problem: Is Under-Recruitment to Blame?
2022-11-04T16:10:00
Australia suffered two major cyberattacks in October, compromising the personal information of around 14 million people in total. A recent Reuters report suggests that under-recruitment of cybersecurity professionals could be partly to blame.
Feature
Is a State of Crisis the New Normality?
2022-11-02T17:01:00
The Institute of Internal Auditors (IIA)’s latest Risk in Focus 2023 report, headed “Navigating the perfect storm of high-impact interlocking risks”, identifies the following top risks to organisations:
Feature
EU Digital Services Act: The Importance of Staying Informed on Upcoming Regulations
2022-10-28T13:40:00
With data protection, security and other governance risk and compliance responsibilities growing increasingly complex and demanding, some businesses might not have much time to consider their obligations around content moderation.
Feature
Money Laundering Fines Against Solicitors’ Firms More Than Tripled Last Year
2022-10-27T15:49:00
The Solicitors Regulation Authority (SRA) published its annual anti-money laundering (AML) report this week. Part of the SRA’s role is to ensure solicitors and law firms are meeting their increasingly extensive AML obligations. This year saw a significant increase in the number of investigations resulting in “internal outcomes”, which can include anything from formal advice to rebukes and fines.
Feature
Interserve Fine: Got Internal Security Policies? You’d Better Follow Them
2022-10-25T11:36:00
Construction firm Interserve was the latest target of the Information Commissioner’s Office (ICO)’s ongoing enforcement spree, following a 2020 phishing attack that compromised the personal data of up to 113,000 people.
Feature
Data Breach Damages For ‘Very Modest’ Distress? In the UK?
2022-10-19T15:19:00
Last week, the High Court ordered the Crown Prosecution Service (CPS) to pay £250 in damages to an ex-Conservative council leader who experienced “a very modest degree of distress” following a data breach.
Feature
Profiling and Marketing: Why the ICO’s Latest Fine Against Easylife Matters
2022-10-11T10:55:00
The Easylife fine shows how some companies may be engaged in profiling without realising. The decision reminds us of the dangers of carelessly processing health data and demonstrates the important interaction between the GDPR and direct marketing laws.
Feature
5 Takeaways From the Basel AML Index 2022: ‘Depressingly Little’ Progress, But Some Grounds for Optimism
2022-10-06T16:00:00
The Basel Institute on Governance released its 11th annual Basel AML Index on Tuesday, and the report presents a mixed picture of global attempts to tackle money laundering.
Feature
US ‘AI Bill of Rights’: Why You Should Care About This Non-Binding Guidance
2022-10-05T14:48:00
AI regulation is arguably lagging behind the advancement of technology. But many jurisdictions are developing laws and guidance that will affect how automated systems—which can include anything from HR software to fraud-screening products—are developed and used.
Feature
Conservative Party Conference 2022 Brings More Data Protection Uncertainty
2022-10-04T15:05:00
At the Conservative Party Conference 2022 on Monday, newly-appointed Secretary of State for Digital, Culture, Media and Sport (DCMS) Michelle Donelan said the General Data Protection Regulation (GDPR) was “limiting the potential of our businesses”.
Feature
New NIST Report: Integrating Cybersecurity Into Enterprise Risk Management
2022-09-22T14:14:00
With cyberattacks becoming more devastating and complex, cybersecurity is at the forefront of public and government attention.
Feature
EU’s Sweeping New Cyber Resilience Rules Will Hold Digital Products to a High Security Standard
2022-09-16T16:29:00
The European Commission’s proposed Cyber Resilience Act, published on Thursday, aims to change this by imposing new rules on the people manufacturing, importing and distributing hardware and software products across the EU.
Feature
Instagram ‘Binding Decision’: What Was Meta’s ‘Legal Basis’ for Publishing Children’s Contact Details?
2022-09-15T15:05:00
Last week’s €405m fine against Instagram, the second-largest penalty ever issued under the GDPR, made headlines. But Meta (which owns Instagram) turned over $117bn last year. Beyond the fine, specific findings around Meta’s legal compliance could hurt the company much more.
News
Report: Regulation, Privacy and Fraud Among Organisations’ Top Compliance Concerns
2022-09-13T16:23:00
A recently-published NAVEX report offers an interesting insight into the views and practices of compliance professionals across 1,105 organisations.
News
GDPR, Transparency and Consent, and the Internet Advertising Bureau: Unpacking Six Questions For the CJEU
2022-09-09T14:49:00
The Internet Advertising Bureau (IAB) Europe’s Transparency and Consent Framework (TCF) was supposed to be a “cross-industry best practice standard” to help thousands of publishers, adtech vendors and consent management platforms (CMPs) comply with the GDPR.
News
Ireland’s €405m Instagram Fine: Children’s Privacy and Data Protection by Design
2022-09-08T16:08:00
The Irish data protection authority has fined Instagram €405m over how the company processed children’s data—the second largest GDPR fine on record.
Feature
The Complex World of NFTs and Financial Crime
2022-09-02T08:48:00
Non-fungible tokens (NFTs) are perhaps best known as a way to assign digital “ownership” to pictures of cartoon monkeys. But a new report from Elliptic claims that NFT-based platforms are being used to launder millions of dollars of illicit funds.
News
NHS Contractor Cyberattack: Ransomware, Supply Chains and Operational Resilience
2022-08-31T13:47:00
When an NHS service provider was hit by ransomware earlier this month, an NHS spokesperson said the health service had “tried and tested contingency plans in place” to protect its own network.
News
LastPass Hack: To Disclose or Not to Disclose?
2022-08-30T16:46:00
Users of the world’s most popular password manager, LastPass, received a shock on Thursday after the company notified them of “some unusual activity within portions of the LastPass development environment”.

More by Robert Bateman