Below are a list of the research projects I have previously worked on.
Intersections of the GDPR, Digital Services Act and AI Act – Amsterdam Law School, Advanced Masters of Technology Governance
With the emerging EU regulatory space in technology consisting of many new laws that overlap and intersect in different ways, this research project sought to uncover how and where elements of these laws affect the others. The research connected transparency obligations under the DSA with a legal basis for processing of personal data under the GDPR. Further, I considered the role of the data subject rights under the GDPR – such as the rights associated with automated decision-making – with requirements under the AI Act for algorithms. Ultimately, the GDPR remains the strongest tool for data subjects to exercise rights, whereas the AI Act requires enforcement by regulators.
One stop shop mechanisms in the EU – Amsterdam Law School, Advanced Masters of Technology Governance
This research compared the one stop shop mechanism under the GDPR and NIS2, considering how lead supervisory authorities are determined and the regulatory burden is shared between EU member states for multi-jurisdictional regulation.
The GDPR and NIS2 were chosen as laws both concerned with data security and the prevention of data breaches, with a key distinction being the fact that one is a Regulation and the other a Directive.
Consumer Data Right – Monash Law School, Honours Thesis for Bachelor of Laws
In 2019, Australia amended its Privacy Act 1988 to introduce the Consumer Data Right: a right for consumers to request data holders transfer data about them to another provider in select industries. This echoes the GDPR’s right to data portability. My research project considered the legislative process of designing this amendment, and the difference between commercial and human rights approaches to privacy (and data protection). A pivotal part of the legislative process that lead to the CDN was the Digital Platforms Inquiry conducted by the Australian Competition and Consumer Authority from 2017-2019. This has been complemented by a subsequent Digital platform services inquiry 2020-25.
I criticised the “Consumer” data right for restricting a human right to participation in the economy as a consumer, and promoted a fundamental rights approach to privacy regulation.
Online safety, CSAM and content moderation – undertaken for client work in my role as an Associate at Moores, and continued as a comparative law assignment for the Advanced Masters of Technology Governance
This research was a comparative analysis of the online safety measures in the DSA, Online Safety Act 2023 (UK) and the Online Safety Act 2021 (Australia). My work in online safety in Australia was focused on child safety, prevention of the circulation of child sexual abuse material (CSAM) and compliance with obligations for reporting and complaint handling. From my studies at Amsterdam University, I compared the three jurisdictions – EU, UK and Australia – from the perspective of the obligations of online platforms relevant to child safety online.
Obligations of non-VLOPs under the DSA– research undertaken for the DSA Observatory, part of the Institute for Information Law at Amsterdam Law School.
The obligations of VLOPs and VLOSEs under the DSA have received much attention. I looked into the obligations of online platforms that are not designated as a VLOP or VLOSE as I consider these obligations to still be significant in reshaping our online world – particularly as significant platforms such as Uber and Airbnb are currently below the 45 million active monthly user threshold.