Indiana Consumer Data Protection Act: 101 – What You Need to Know
Indiana enacted the Consumer Data Protection Act on 1st May 2023, when Governor Eric Holcomb signed Senate Bill 5 into…
Scott Dooley
Scott Dooley is a seasoned entrepreneur and data protection expert with over 15 years of experience in the tech industry. As the founder of Measured Collective and Kahunam, Scott has dedicated his career to helping businesses navigate the complex landscape of data privacy and GDPR compliance.
With a background in marketing and web development, Scott brings a unique perspective to data protection issues, understanding both the technical and business implications of privacy regulations. His expertise spans from cookie compliance to implementing privacy-by-design principles in software development.
Scott is passionate about demystifying GDPR and making data protection accessible to businesses of all sizes. Through his blog, he shares practical insights, best practices, and the latest developments in data privacy law, helping readers stay informed and compliant in an ever-changing regulatory environment.
Can a Company Process and Store Employee Fingerprint Data Under GDPR?
Two landmark cases demonstrate how seriously data protection authorities take workplace biometric processing. Learn when fingerprint data can and cannot…
EU Court Redefines ‘Personal Data’: 5 Documents to Update Now
On 4 September 2025, the Court of Justice of the European Union fundamentally changed how "personal data" is defined under…
EU NIS-2 Management Liability: The SonicWall Breach Test Case
In October 2025, SonicWall revealed the full scope of a September breach: attackers had stolen ALL cloud-stored security configuration backups,…
Got Views on How the ICO Handles Complaints? Now Is the Time to Share
The ICO is changing how it handles data protection complaints. With the consultation closing 31 October 2025, now is your…
Are EU-UK Cross-Border Data Transfers at Risk of Change?
EU-UK data adequacy decisions are up for renewal in 2025. With the December 27 deadline approaching, understand what's changing and…
GDPR Recognised Legitimate Interests: Understanding the New ‘Recognised’ Category
The UK's Data (Use and Access) Act 2025 introduces recognised legitimate interests, a new lawful basis giving organisations pre-approved grounds…
£300,000 ICO Penalty for Illegal Automated Marketing Calls: Home Improvement Marketing Ltd Case Analysis
The ICO fined Home Improvement Marketing Ltd £300,000 for making 2.4 million illegal automated marketing calls. Analysis of the penalty…
Bristol City Council ICO Enforcement Case: Falling Behind On Subject Access Request Compliance
Bristol City Council faces ICO enforcement action for 231 overdue Subject Access Requests dating back over three years. Learn the…
How to request your personal data under GDPR in the UK?
A comprehensive guide to making Subject Access Requests in the UK. Learn how to request your personal data from organisations,…
What the ICO Says About Data Protection Refresher Training
ICO requires data protection refresher training at "appropriate intervals." Learn frequency recommendations, what to include, and how to document compliance…
Does my business need to prepare for changes to Data Protection in the UK via the Data (Use and Access) Act 2025?
The Data Use and Access Act 2025 amends UK GDPR with changes rolling out through June 2026. Learn what's changed,…
Do I need to train my team about data protection – what does the ICO say in 2025?
If you handle personal data in your organisation, you’ve probably asked yourself: am I legally required to train my staff…
ICO fines Care Home Director for Deleting Data: The Warning Every Manager Should Read
On 3 September 2025, Jason Blake, 56, director of Bridlington Lodge Care Home in Yorkshire, was ordered to pay £1,100…
The UK Data (Use and Access) Act 2025: What You Actually Need to Know
The UK has new data protection laws. Again. But before you start panicking about another massive compliance overhaul, take a…
Understanding GDPR Data Subject Access Requests: A Practical Guide for Organisations
One important mechanism that empowers individuals (data subjects) under GDPR is the Data Subject Access Request (DSAR).
Does WordPress Use Cookies? A Complete Guide to Cookie Compliance
In light of data protection laws like GDPR and the ePrivacy Regulations (PECR) you may be concerned about whether your…
UK Home Office Receives Enforcement Notice Over Migrant GPS Tagging Data Risks
This action follows discussions with the ICO regarding a controversial pilot program that tracked the GPS locations of up to…
Exciting updates to our free GDPR training course: streamlined access and enhanced user experience
At Measured Collective, we are always striving to provide the best possible learning experience for our community of over 5,000…
GDPR Legitimate Interests Assessment: The Complete Guide
It's one of the most flexible lawful bases under GDPR but applying it comes with some caveats.