- Reference
Special category data in employee travel
What GDPR Article 9 prohibits, what ISO 31030 requires, and why most travel risk programmes are caught between the two. A reference for DPOs and security leads.
Open - Reference
Does travel risk management require a DPIA?
Article 35, the criteria supervisory authorities apply, and what an honest DPIA of a travel risk programme usually finds. A working reference for DPOs.
Open - Reference
Prescription medication at borders: the employer problem
Lawful prescriptions are controlled substances in some jurisdictions. Why medication is a travel risk, why asking about it is an Article 9 problem, and the architecture that resolves both.
Open - Reference
What airline assistance codes disclose
Requesting assistance transmits a standardised disability category through the reservation ecosystem. Who sees an SSR code, why it is special category data, and what employers should not hold.
Open - Reference
Duty of care for human rights defenders: the file problem
Monitoring and evacuation protect people in the field. Almost nothing protects them from the file built to qualify them for protection. A reference for casework and security leads.
Open - Reference
Glossary
The vocabulary of minimum-disclosure architecture, defined once and citable by stable anchor. Terms coined elsewhere are credited to their authors.
Open