6d ago · 22 min read · When I first read GDPR Article 32, I made a mistake. I thought it was a legal document. But it's not. It's an infrastructure specification. The regulation says you need "appropriate technical measures
Join discussion
May 20 · 6 min read · RoyalComply is a cookie consent plugin. Its job is to figure out which jurisdiction the visitor is in, render a banner with the right behavior (opt-in for GDPR, opt-out for CCPA), and POST the visitor
Join discussionMay 10 · 19 min read · TL;DR: A practical security checklist for European scale-ups evaluating open-source AI tools before procurement, covering license through DORA. GitHub stars measure popularity, not security. For every open-source AI tool your engineering team or pla...
Join discussion
May 6 · 4 min read · Modern AI systems are increasingly designed to deliver highly personalized experiences, from recommendation engines to adaptive interfaces and intelligent assistants. Personalization improves user eng
Join discussion
May 5 · 4 min read · OneTrust cookie consent implementation is easy to get mostly right—and surprisingly common to get wrong in ways that silently break analytics, ad attribution, or compliance. If your banner “shows up,” that doesn’t mean consent is correctly enforced, ...
Join discussionMay 5 · 5 min read · The below is a continuation of the series on the history of Expanso. Today, we're talking about the third and final unchangeable law of data: the ever-tightening web of data controls. Read the whole series starting from Part 1. The History of Expanso...
Join discussionMay 4 · 5 min read · Quick Answer: "Digital sovereignty" in AI isn't about where your servers are. It's about who can access your data while it's being processed. Most "sovereign AI" solutions just move the problem — your data still sits unencrypted in GPU memory, readab...
Join discussionApr 29 · 10 min read · Microsoft 365 · Enterprise AI · Governance TL;DR Since January 2026, Claude models from Anthropic are Microsoft subprocessors and selectable inside M365 Copilot, Researcher, Copilot Studio, and the W
Join discussion
Apr 28 · 4 min read · Your AI vendor claims compliance. But when the auditor shows up on August 3, 2026, they won’t care about marketing. They’ll want proof — cryptographic, hardware-level proof — that your AI system met Article 15 cybersecurity requirements under the EU ...
Join discussion
