This foundation course introduces the GDPR & data-protection basics we expect from every True Observer volunteer and agent . When you collect screenshots, download videos, or write reports about real people, you’re no longer “just browsing the internet”. You’re handling personal data and, often, evidence that may later be used in court. This training explains how to do that safely, legally and respectfully, under both UK GDPR and EU GDPR .

We’ll look at what counts as personal data, the difference between ordinary and special-category data, and why concepts like lawful basis, data minimisation and purpose limitation matter in an OSINT environment . You’ll see how these rules apply in practice to things we do every day: using a virtual machine, naming files, storing evidence in encrypted drives, sharing information with other volunteers, or escalating a case to a client or legal team. The goal is not to turn you into a lawyer, but to give you enough understanding to spot risk, protect victims and protect yourself.

By the end of this course, you will be able to:

1. Explain, in simple terms, what GDPR is and why it matters for OSINT and reputation-defence work.
2. Recognise personal data and special-category data in the material you collect.
3. Apply core GDPR principles: lawful basis, data minimisation, purpose limitation, accuracy, storage limitation and security.
4. Handle screenshots, videos, transcripts and reports as evidence, using good chain-of-custody practices (hashing, timestamps, secure storage).
5. Understand the roles of data controller, processor and recipient, and where True Observer and its volunteers fit.
6. Follow True Observer guidelines for secure working: virtual machines, encrypted drives, safe sharing and retention periods.
7. Know what to do if something goes wrong (suspected data breach, mis-sent file, lost device, etc.).

Certification:

Participants who complete all modules, pass the final exercise, and maintain full attendance will receive a GDPR & Data Protection Awareness certificate by True Observer.

This course is a mandatory step before deployment on real cases and unlocks further True Observer Academy training on OSINT investigations, incident response and evidence reporting.