Writing
Thinking on privacy, data protection, and compliance.
Practical perspectives on building programmes that hold up — not just on paper.
The Consent Theatre of Cookie Banners
16 April 2026I advise organisations on cookie compliance.
Parsing Your ChatGPT History with a Second AI
3 April 2026I exported 503 conversations from ChatGPT.
From GPT-3.5 to Claude Code: What 500 Conversations Taught Me About AI
25 March 2026How a privacy professional went from sceptic to daily user, then quietly walked away — and what happened next.
The DPIA That Changed Nothing
20 March 2026Most impact assessments are finished before they start. The outcome was decided — the DPIA was just the paperwork.
The Right to Object: The Most Underused Right in the GDPR
13 March 2026Everyone knows about the right to erasure. Almost nobody talks about the one that actually has teeth.
Nobody Reads a Privacy Notice. And the People Writing Them Know It.
13 March 2026Transparency theatre and the fiction of informed consent.
AI Just Landed on Your Desk. Now What?
7 March 2026What happens when the DPO is the last to know about the AI tool everyone's already using.
Your Subject Access Request Is Not an Inconvenience
3 March 2026A data subject exercising their rights is not an attack. The way your organisation responds says everything.
Children's Data and the Illusion of Protection
1 March 2026A child under 13 had their personal data collected, processed, and monetised by one of the world’s largest platforms.