Privacy made practical.

Sharp, honest writing on privacy and data protection. From the trenches, for the trenches.

Read my latest →Get in touch

Latest writing

View all →

Companies Need to Fear Sanctions by the Data Protection Authorities

25 Apr 2026

GDPR's record-breaking penalties are stuck in legal animation. The deterrent has gone with them.

The Consent Theatre of Cookie Banners

16 Apr 2026

I advise organisations on cookie compliance.

Parsing Your ChatGPT History with a Second AI

3 Apr 2026

I exported 503 conversations from ChatGPT.

About

I'm a practising Data Protection Officer with a legal background and experience across heavily regulated industries. I've spent years building privacy programmes, managing incidents, and navigating the gap between what the law says and what organisations actually do.

I write because most privacy content is either painfully corporate or hopelessly academic. There's a space in between for honest, practical thinking about data protection — the kind of writing I wished existed when I was starting out. This site is that space.

Off the clock

“Nothing happens to anyone that they can’t endure. The same thing happens to other people, and they weather it unharmed.”

from The Key to Unshakeable Confidence — The Stoic Manual

Get in touch

Have a question, a comment on something I've written, or just want to say hello? Drop me a message.