Created with Sketch.
47 minutes | Jun 8, 2021
SCCs Are Here But Far From Standard
On this week's episode of #SeriousPrivacy, Paul Breitbarth and K Royal discuss the new Standard Contractual Clauses (SCCs) for international transfers that were adopted by the European Commission on 4 June 2021. These model contracts, that come in four modules, finally replace the old SCCs, some of which date back to the early 2000s. The modernised versions are fully GDPR compliant, embrace the accountability principle and include many requirements to address the limitations set by the Schrems II decision.Listen to the conversation to get a better understanding of what the new SCCs entail and how they can (and cannot) be used by organisations. You will hear more about why some non-European companies will not have to use SCCs going forward, but also on the assessments that you will need to undertake. Since recording the episode, the timelines for the Transfer SCCs have become clear too:27 June 2021 - the new SCCs become applicable27 Sept 2021 - the old SCCs become invalid for new contracts27 Dec 2022 - all SCC-based contracts will need to be updatedResourcesTrustArc blog introducing the new SCCsTrustArc microsite with all international transfer related information As always, if you have any questions or comments, please feel free to contact us at email@example.com. In addition, if you like our podcast, please do rate and comment on our program in your favorite podcast app.
41 minutes | Jun 1, 2021
Cyber Crisis: Security Matters (Dr. Eric Cole)
On this week of #SeriousPrivacy, Paul Breitbarth and K Royal connect with Dr. Eric Cole, on the release of his new book today Cyber Crisis - Protecting Your Business from Real Threats in the Virtual World. Fascinating insight, especially given the Colonial Pipeline incident recently, but a book that is not intended to be fairytales and happily-ever-afters. Dr. Cole holds a master’s degree in computer science from New York Institute of Technology and a doctorate from Pace University, with a concentration in information security. He was a CIA hacker, a member of the commission on cybersecurity for the forty-fourth president and is a member of several executive advisory boards, including the Forbes Technology Council. He was inducted into the 2014 Infosecurity Hall of Fame. This is his seventh book, and he not only knows this subject well he knows how to present it so we understand it.In this episode, we dive deep into the connection between cybersecurity and privacy. Coincidentally, the Transportation Security Administration (TSA) just released its first ever regulation on pipeline companies - which includes cyberprotection and breach response. He also provides guidance, such as two-factor authentication truly is the best deterrent the average person can put in place to secure their accounts. If someone hijacks your accounts and implements it before you do, you will have a Herculean task to recover your own accounts. As he states in chapter 8 “In cyberspace, it’s anarchy, and in anarchy, you need to protect yourself.” Join us as he shares the top 4 things that need to be addressed to keep data secure. We also discuss the relationships between privacy and security, the typical CEO perspective on privacy officers, and how hundreds of thousands of offices were opened due to COVID… and we still are not addressing remote work protocols. Lastly, did you know that ethical criminals make a difference in the ransomware world. As always, if you have any questions or comments, please feel free to contact us at firstname.lastname@example.org. In addition, if you like our podcast, please do rate and comment on our program in your favorite podcast app.
37 minutes | May 25, 2021
There is no "ish" in privacy: GDPR 3-5 years later
On this week of #SeriousPrivacy, Paul Breitbarth and K Royal discuss the European Union’s General Data Protection Regulation, because three years ago from the day this episode was released (May 25, 2021), the GDPR went into effect. And whether you consider it three years or or five (per this Twitter debate), it was a world-changing event. In this episode, they talk about the changes seen in the past three years, including the two years before that when the GDPR was passed. They discuss penalties and amounts known, but also the most frequent violations. Companies can learn alot by looking at enforcement to know where to prioritize their compliance activities - or at least what to check to make sure it is properly in place. They discuss the locatemyfamily.com that has been in the news lately, including for not appointing a European representative, and the challenges the data protection authorities faced to investigate the complaints across the ocean.In addition, they discussed how the GDPR impacted US legislation, such as the concept of controllers and processors, and the definition of sensitive personal data. The GDPR influenced the California Consumer Privacy Act (CCPA), or more so the California Consumer Privacy Rights Act (CPRA) and the Virginia Consumer Data Protection Act (CDPA) - the latter two take effect in 2023. There is discussion of the importance of EU representatives - and there is a passing mention of the upcoming standard contractual clauses. As always, if you have any questions or comments, please feel free to contact us at email@example.com. In addition, if you like our podcast, please do rate and comment on our program in your favorite podcast app.
38 minutes | May 20, 2021
Data Secrets (with Ray Everett)
On this week of #SeriousPrivacy, Paul Breitbarth and K Royal connect with Ray Everett, Founding Member & Chief Privacy Intelligence Officer at Data Secrets, a company that develops solutions focused on identifying risk wherever applications are accessing your data -- in the public cloud, in SaaS applications, and on-premise. He has a long history working as a privacy professional, including at TrustArc, and was appointed as the first Internet-era Chief Privacy Officer in 1999 - starting with speaking on an U.S. Federal Trade Commission panel as a law student and moving into founding what is now the International Association of Privacy Professionals (#IAPP).In this episode, we talk about APIs and SDKs - the benefits and challenges, along with managing them in a world that focuses on privacy and data protection. This brings in the requirement for data inventories and visibility into the movement of data, which is critical to identify early if there has been a data breach or unauthorized data access.Join us as we explore mobile apps, AI, and external storage considerations. The conversation ranges from Privacy by Design to DevOps, focusing on understanding the movement of data as well as why understanding the movement is important. As always, if you have any questions or comments, please feel free to contact us at firstname.lastname@example.org. In addition, if you like our podcast, please do rate and comment on our program in your favorite podcast app.
39 minutes | May 12, 2021
Radically Open-Minded on Privacy (with Seán Dunne)
In this episode of Serious Privacy, Paul Breibarth and K Royal connect with the Global Privacy Officer at GameStop, Seán Dunne. He really knows the company well, given that he started in retail operations almost 12 years ago. Now, he is responsible for global data protection compliance with laws ranging from the familiar GDPR and CCPA, to the less well known Canadian anti-spam legislation, and the privacy laws of Australia and New Zealand. This is quite the perspective to share with our listeners who are curious about the challenges one faces with a truly global privacy office, that includes major operations in the US, Canada, Australia, and New Zealand, but is based in Europe. Gamestop operates on multiple fronts with online and brick and mortar locations, multiple streams of operations and data flows, and has consumers at various ages. It is quite complex, but fascinating to understand his priorities, challenges, and daily approach. We spoke about an EU privacy person managing the US privacy operations (particularly challenging), new state laws, the possibility of a federal law in the US, Privacy Shield, SCCs, and the criticality of a privacy dictionary. Join us as we discuss global privacy operations, preferences for “data protection” versus “privacy,” and the skills needed to be a successful privacy professional. Coming from the tech side of business, Seán has interesting insight on collaboration. As always, if you have comments or feedback, please contact us at email@example.com.
37 minutes | May 5, 2021
You have the Right to Rights in Law Enforcement (with Katherine Quezada Tavárez)
Every year, in the final week of January, privacy professionals from around the world assemble in the north of Brussels for the Computers, Privacy and Data Protection Conference. In recent years, on the final day, the European Data Protection Law Review awards a young scholar award and hosts a panel to discuss the nominated papers. In this episode of Serious Privacy, Paul Breibarth and K Royal host the third of this year’s three finalists for the EDPL Award. Please join us for a conversation with Katherine Quezada Tavárez, a legal researcher at KU Leuven Centre for IT & IP Law (CiTiP) and LLM graduate of the Catholic University of Leuven, Belgium, but also holds a law degree from the Universidad Autónoma de Santo Domingo in the Dominican Republic, her mother country. Katherine wrote her paper on the Impact of the Right of Access in the Balance between Security and Fundamental Rights, not just focusing on the GDPR, but also on the EU’s Law Enforcement Directive and the so-called PNR Directive (Passenger Name Record), on the collection and use of traveller’s data for law enforcement and counter terrorism purposes. Join us as we discuss the rights individuals have to data held by law enforcement and why it is important that people know of these rights. Katherine provides some examples of how individuals may be impacted by incorrect information - which as you can imagine, could have disastrous consequences. Her main focus is on balancing the needs of the community (law enforcement) with the needs of the individual. Along the way, we also touch on Malta, the Dominican Republic, and FOIA (Freedom of Information Act in the U.S.).As always, if you have comments or feedback, please contact us at firstname.lastname@example.org.
38 minutes | Apr 28, 2021
Oh what a week in privacy with Paul and K
In this episode of Serious Privacy, Paul Breibarth and K Royal tackle the slew of development (or non-developments) in privacy around the world. What a week in privacy! We had the proposal for AI Regulation published in the EU, the UK adequacy opinion, and of course, several privacy bills in states around the US, and the United States Supreme Court decision in AMG Capital Management, LLC et al. v. Federal Trade Commission, decided the morning of the episode recording. The AI proposal has garnered much conversation, such as in this article by Politico and the summary by Dr. Gabriela Zanfir-Fortuna of the Future of Privacy Forum. Paul and K discuss various aspects of the proposal including a few unexpected recommendations, or lack thereof. However, the UK adequacy opinion was not as surprising, but quite interesting. Once we turned to the US and state privacy bills, the end was near for several key states, and by the time this episode is live, we know that the Washington bill is dead once again. However, there remains hope for a couple of others given the dates of when sessions end, such as Florida - which we should know in a few days - it is scheduled for its third reading at this time. About 15 states still had bills at the time (see webinar on update by TrustArc on state privacy bills), and of course, the next legislative season may see more change. The FTC decision by the USSC was top of mind given its impact on FTC authority, which also led to discussions of the federal privacy bill by Rep. DelBene which proposes quite an expansion of FTC authority. Please see this statement released by the FTC on the matter. This case was reminiscent of a prior case with LabMD (yes, different enforcement actions, but still speaking to FTC authority).Join us as we discuss these developments and more in this episode of Serious Privacy. As always, if you have comments or feedback, please contact us at email@example.com.
34 minutes | Apr 21, 2021
It’s Not All About You: DNA and Group Privacy (with Taner Kuru)
Every year, in the final week of January, privacy professionals from around the world assemble in the north of Brussels for the Computers, Privacy and Data Protection Conference. In recent years, on the final day, the European Data Protection Law Review awards a young scholar award and hosts a panel to discuss the nominated papers. In this episode of Serious Privacy, Paul Breibarth and K Royal host the second of this year’s three finalists for the EDPL Award. Please join us for a conversation with Taner Kuru, who holds a Bachelor and Master of Laws of Ankara University, in Turkey, and recently completed an advanced LL.M. in Law and Digital Technologies from the Leiden Law School in the Hague. He also just completed an internship at the United Nations Interregional Crime and Justice Research Institute (UNICRI) Centre for Artificial Intelligence and Robotics. (You can catch the first finalist from last week with Isabel Hahn on purpose limitation against big data and common practices.) During this conversation, we discuss how Taner became interested in genetic privacy and then specifically why he researched the concept of group privacy in pertinent data protection laws, such as the European Union’s General Data Protection Regulation and Turkey’s Kişisel Verileri Koruma Kurumu (KVKK). His journey started with CRISPR babies, which led to DNA companies, such as 23andMe and AncestryDNA, and finally into posts on REDDIT and published stories on individuals who have been surprised at some of their DNA results. Given some of the dramatic accounts, Taner became intrigued about whether the privacy of individuals who share DNA is protected. In particular, how do you protect the privacy of groups?Join us to learn more about this topic and his conclusions. We also discuss precision medicine, the Havasupai case, consent, ethics, and dating apps. Fascinating topics to cover in one episode.As always, if you have comments or feedback, please contact us at firstname.lastname@example.org.
36 minutes | Apr 13, 2021
Pervasive Interference: A chat about Purpose Limitation (with Isabel Hahn)
Every year, in the final week of January, privacy professionals from around the world assemble in the north of Brussels for the Computers, Privacy and Data Protection Conference. In recent years, on the final day, the European Data Protection Law Review awards a young scholar award and hosts a panel to discuss the nominated papers. In this episode of Serious Privacy, Paul Breibarth and K Royal host the first of this year’s three finalists for the EDPL Award on the podcast. Isabel Hahn holds a Bachelor of Laws degree from the London School of Economics and Political Science, recently completed an internship at NOYB and has just started a new internship with the European Data Protection Supervisor. Her paper focuses on the concept of purpose limitation, and the question whether or not it is still compatible with today’s data economy. Developments in privacy sometimes go so quickly, it is almost impossible to keep up.Join us as we discuss purpose limitation and validating the concept against big data and common practices worldwide on the use of personal information. During this conversation, we cover a recent complaint in Austria against a credit rating agency, Article 5 of the GDPR, and characteristics of what Hahn terms data power companies: omnipresence in digital environment (builds insight into individuals lives), data volume (acquires and controls flow and repurposing), and ability to aggregate data. She believes that these three features combined lead to an asymmetry of value and a level of pervasive interference that is simply inequitable to the average consumer. You will also hear about compatible uses, using legitimate interests to balance the need or desire for new uses of data, and contextual integrity as discussed by Helen Nissenbaum. Lastly, because of course we have to address it with such a promising new professional - what is next in Isabel’s plan - does she intend to continue with privacy as a career? As always, if you have comments or feedback, please contact us at email@example.com.
36 minutes | Apr 7, 2021
On Cloud 9 for the EU Cloud Code of Conduct
Demonstrating compliance is certainly not always easy, but under many laws, including the GDPR, it is a mandatory requirement. To facilitate the process, codes of conduct and certification schemes are becoming more popular, and it is no wonder they have been included in the GDPR as well. As we are on the verge of seeing the first codes of conduct to demonstrate GDPR compliance approved, Paul Breitbarth and K Royal discuss the EU Cloud Code of Conduct, which TrustArc is proud to support. Join us and learn more about what the EU Cloud Code of Conduct entails, how it is supposed to work and what the benefits are of adhering to such a code. Oh, and don't be surprised for a little April Fools and Easter conversation this week too - the recording was made on 1 April... As always, if you have comments or questions, please contact us at firstname.lastname@example.org. ResourcesA downloadable version of the EU Cloud Code of ConductDetails on the future Third Country Module, intended for international data transfersWebinar with Paul on the Third Country Module
37 minutes | Mar 31, 2021
You Lost Me at Disinformation (with Wayne Unger)
This week on Serious Privacy, Paul Breitbarth and K Royal, connect with Wayne Unger, a recent law school graduate, that is already very much embedded in the privacy profession. As a non-traditional student, Wayne was an experienced professional and quickly dove into the academic side of privacy with the intent to combine the scholarship and practical side of privacy. Wayne has authored three law journal articles, two of which are published and one is scheduled - going through a rewrite currently as he will discuss why during the conversation. The two published ones are: Katz and Covid-19 How a Pandemic Changed the Reasonable Expectation of Privacy Expectation of Privacy in the Hastings Science and Technology Law Journal and Reclaiming our Right to Privacy by Holding Tech Companies Accountable in the Richmond Journal of Law and Technology. In addition, Wayne has done a TEDx talk (modified given the circumstances) through TEDxASU program on Reclaiming our Right to Privacy. Join us as we explore what brought Wayne to privacy, interdisciplinary technologies and cross-functional approaches to privacy. We also discuss credit scores, supply chains (along with a possible new venture), and the public’s awareness of privacy increasing - including the veracity of claims to anonymized data given the possibilities of re-identification. Paul added in an article on Estimating the success of re-identification in incomplete datasets using regenerative models. Altogether a fascinating conversation that includes a ship stuck in the Suez canal (which was freed March 26).As always, if you have comments or questions, please contact us at email@example.com.
36 minutes | Mar 26, 2021
A March on Privacy: Paul and K
Developments in privacy sometimes go so quickly, it is almost impossible to keep up. In this episode of Serious Privacy, K Royal and Paul Breitbarth, talk about many of these recent developments in order to bring you up to date again. Join us as we discuss the forthcoming stricter enforcement of cookie rules in France, a German court case prohibiting nudging end users towards accepting a privacy unfriendly option, and yet another set of CCPA Regulations. We welcome the appointments of the very first members of a specific privacy regulator in the U.S. (when will they join the Global Privacy Assembly?) and we talk about a court case in which a private right of action did prove to be possible under HIPAA. You will also hear about the Arizona legislative debate about in-app purchase, possibly forcing Apple and Google to accept more payment methods than they do so far. Alas, the vote did not take place in the end. Finally, we break down some of the highlights of the Virginia Consumer Data Protection Act. As always, if you have comments or feedback, please contact us at firstname.lastname@example.org.Social MediaTwitter - @podcastprivacy, @trustarc, @EuroPaulB, @heartofprivacy, Instagram - @SeriousPrivacy
36 minutes | Mar 16, 2021
FDIC’s Chief Innovation Officer: Paper Clips and PbD (Sultan Meghji)
In this episode of Serious Privacy, K Royal and Paul Breitbarth host the new and first Chief Innovation Officer of the Federal Deposit Insurance Corporation (FDIC) in the US, Sultan Meghji. Sultan has a rich history as co-founder of Neocova which specializes in AI software for financial institutions, an adjunct professor at Washington University’s Olin Business School, a scholar of the Carnegie Endowment for International Peace, and an alum of the FBI Phoenix Citizens Academy - where he met K over a decade ago. But as the first Chief Innovation Officer, the initial focus is on - what is his job description?It is clear that Sultan’s expertise flows across a broad span of what Serious Privacy’s listeners are interested in, such as security and privacy by design, technological innovation in the financial services, and how the US fits into the global market. Given that Sultan is new to the role, he does not yet have any major policy initiatives to announce, but did provide a teaser on some tech innovation which we should see come out in the near future and which fulfills the FDIC’s desire to advance financial technology on a rapid pace of adoption. Join us as we discuss how the financial market has changed in the past few decades with artificial intelligence, cyberevents, and the ripples of the interconnectedness of the market and technology. We also peek into what the next few decades may look like, but the new normal that we are in, it is difficult to predict any certain future. We also discussed ransomware as a service, engineering resilience, and advantages of liberal democracies. Sultan did emphasize that he wants to hear from the public on ideas for or problems with financial services and technology and he can be reached at email@example.com. As always, if you have comments or feedback, please contact us at firstname.lastname@example.org.
39 minutes | Mar 9, 2021
Data Bunnies: the Internet, VPN, and Crypto (Dr. Steven "Seven" Waterhouse)
In this episode of Serious Privacy, K Royal and Paul Breitbarth connect with Steven (Seven) Waterhouse, PhD, CEO and founder of Orchid, a crypto powered VPN. Given his expertise and how it is harnessed for Orchid, we felt Seven would have quite a bit of technical insight into technologies commonly discussed in conjunction with data protection. He did not disappoint. In this episode, Seven provides insight into the technical side of privacy and the foundations that underpin most concerns - the internet. But in addition, we discuss virtual private networks for consumers and enterprise - from the perspective of blockchain and crypto. The explanations are easy to digest for those who are not technical minded, but the conversation rises to the level that a technologist can appreciate the discussion. It is well-balanced. Join us as we discuss in app purchases, a bill in Arizona on in-app purchases, ISP, and encryption. There is an “Easter egg” in there referencing back to one (or several) of our prior episodes. We also discuss reporters and safety in third world countries related to their communications, the matrix, bunnies, and privacy-focused technology. In addition, Orchid is offering a summit March 23-24 that is free (plus, TrustArc is doing a summit this week, also free). As always, if you have comments or feedback, please contact us at email@example.com.
38 minutes | Mar 2, 2021
Data Diversity: Not just 1s and 0s (with Shoshana Rosenberg)
In this episode of Serious Privacy, K Royal and Paul Breitbarth connect with Shoshana Rosenberg, Deputy General Counsel for Privacy, Cybersecurity and Data Strategy, as well as CPO and Vice President at WSP USA. However, our conversation is more around the focus of SafePorter, a data trust providing valuable business insights, while respecting the privacy of employees. In essence, the topic is how to address diversity, inclusion, and equity efforts and goals without compromising employee sensitive data. For example, companies should consider inclusivity in their hiring opportunities and internally within development operations, but there is a challenge in understanding progress without having to collect and understand the diversity among applicants and employees. Certainly, this topic touched on social justice issues that the podcast has discussed before, but this time, the conversation centers more on how companies can achieve their goals and before that, why they should have these goals.Shoshana talked about developing Inclusion by Design and holding vendors accountable for inclusivity in their processes. Not an easy effort to manage, but yet with the right focus and goals, achievable. This expands pain points into opportunities to improve and engage corporate social responsibility. Join us as we discuss IbD in DevOps and being privacy centric, all while managing sensitive information of employees. We also touch on K-anonymity, the UK diversity and inclusion impact assessment, and potential non-profit or volunteer opportunities for privacy professionals.As always, if you have comments or feedback, please contact us at firstname.lastname@example.org.Social MediaTwitter@privacypodcast, @trustarc, @EuroPaulB, @heartofprivacyInstagram@SeriousPrivacy
33 minutes | Feb 23, 2021
Back to our Roots - A Week in Privacy with Paul and K
In this episode of Serious Privacy, K Royal and Paul Breitbarth provide an update on recent happenings in both Europe and the US, some of which are surprising and the other makes no waves across the ocean.First, an unexpected agreement on the ePrivacy Regulation by the EU Members States. This does not mean that the regulation is passed - on the contrary, the Parliament and the European Commission are nearly at polar opposites. They will now enter what is called the “trialogue” where the various parties have to reach an agreement. The ePrivacy Regulation has been in discussion for years with the original intent to enter into effect alongside the EU General Data Protection Regulation (GDPR), but alas, such did not happen. Meanwhile, there is not a draft adequacy decision for the United Kingdom - there are two. In a never-before-seen event, the EU Commission issued two draft decisions - one for the GDPR and one for the law enforcement directive. The European Data Protection Board will now issue an opinion, which is not binding. However, the interim agreement for trade between the EU and UK will expire June 30, 2021 and cannot be extended. So a decision must be made. On the other side of the ocean, the US is seeing some movement in the Health Insurance Portability and Accountability Act (HIPAA), which does not happen often. Current proposed revisions include proposed enhancements to patient rights, but two other recent happenings include 1) a law passed (HR7898) to provide a cybersecurity safe harbor if a practice has implemented cybersecurity practices and 2) a recent safe harbor for cybersecurity tech donations. Further, they briefly reviewed enforcement waivers due to COVID 19 that have been issued by the Department of Health and Human Services. As always, if you have comments or feedback, please contact us at email@example.com.
41 minutes | Feb 18, 2021
In my free time: Podcast and data broker analytics (with Ralph O’Brien and Jeff Jockisch)
In this episode of Serious Privacy, K Royal is joined by guest co-host Ralph O’Brien to speak about what one privacy professional did with his free time over the pandemic. Most of us may have started a new hobby - so did Jeff Jockisch, founder and CEO of PrivacyPlan. First, he achieved his Certified Information Privacy Professional for US privacy law from the International Association of Privacy Professionals.His studying process took him to books such as Peter Swire’s, and privacy podcasts. But he did not stop there. He created a database of podcasts on privacy and he publishes his database, including weekly favorites for specific episodes, on LinkedIn. Many of us have found this to be insightful and helpful, but we were curious how he started in this and why. So we asked Jeff to come onto the show and discovered there is much more to his analytics than podcasts.Join us as we also discuss data brokers in detail, including how many he has documented (take a guess) and how he gathers his information. We also discuss biometric identifiers, de-identified information, data localization, and consent. Whether you are a privacy professional or someone who wants to learn about how companies manage your information, this is great information to know.As always, if you have comments or feedback, please contact us at firstname.lastname@example.org.
38 minutes | Feb 9, 2021
From Frozen to Ultron - the hot privacy topics (with Ralph O'Brien)
In this episode of Serious Privacy, K Royal is joined by guest co-host Ralph O’Brien, who brings that United Kingdom perspective to data protection. As a well-known and respected privacy professional, Ralph took the opportunity to discuss some of the current hot topics in privacy with K, such as the impact of #Brexit on managing privacy programs in Europe. Join us as we discuss the UK General Data Protection Regulation and how it was adopted and adapted from the EU GDPR and what might change in the approach companies take to appointing a local representative or designating a data protection officer. In addition, they touch on Schrems II, genetic testing, facial recognition, and risk-based privacy controls. It’s a lively discussion where the conversation goes where it may, and Ralph and K learn how much they have in common. And of course, there were references to both Harry Potter and the Avengers in terms of exploring what a new data transfer mechanism between the US and the EU would be called.As always, if you have comments or feedback, please contact us at email@example.com.
41 minutes | Jan 28, 2021
A Work in Progress: A View Inside the Irish DPC (with Helen Dixon)
Happy Data Protection Day! Paul Breitbarth and K Royal kick off Season 2 of the Serious Privacy podcast with a special guest, Helen Dixon, Data Protection Commissioner for Ireland. She is probably one of the best known data protection regulators around the world, with her office having the duty to supervise most major tech companies doing business in Europe. That comes with a lot of public scrutiny, and also with some fierce criticism. In this episode, Commissioner Dixon talks about her plans for 2021, which have been publicly disclosed. But of course, we covered some of the major developments in 2020, such as the Court of Justice of the European Union decision on Schrems II back in July, as well as the first financial penalty for a US tech company. The Irish Data Privacy Commission has not been slacking off in the past year, with over 6,000 complaints, more than 7,000 breach reports, and multiple consultations, including input on COVID tracking apps and issuing guidance on CCTV. Join us as we discuss what the workload under the General Data Protection Regulation has meant for personnel needs in her office, as well as addressing why the Irish DPC handles so many cases on US tech companies. In addition, we talked about the issues in international data transfers, including the appointment of Christopher Hoff in the US to lead the negotiations of a replacement for the invalidated EU-US Privacy Shield. We also touched on data ethics, accountability, and how to build a compliant corporate program. It’s all a work in progress.ResourcesIrish Times on the DPC resource constraintsIrish DPC Twitter Decision
36 minutes | Dec 29, 2020
The Best of 2020: When Privacy Got Serious
We look back to January 2020 - with no crystal ball for Serious Privacy with Paul Breitbarth and K Royal. With 47 episodes and over 25,000 downloads, Season 1 of Serious Privacy is complete. Thank you to our fans! Season 2 starts Global Privacy Day 2021. Our initial ideas were a little different, but K and Paul found their rhythm and a following. Join us as we look back, play some of our favorite moments, and look ahead to 2021. Our most popular episodes were What Now Right Now? Assessment of the EU Schrems II Decision with Gabriela Zanfir-Fortuna of the Future of Privacy Forum and Sophie in ’t Veld, which we put together the same day; Wildly Successful: An Unexpected Career in Privacy with Emerald de Leeuw; and Privacy on the Front Lines: A View from LA with Lillian Russell. We had phenomenal speakers from around the world (such as Travis LeBlanc, Profs. Dan Solove and Paul Schwartz, Sophie Kwasny, Fabricio da Mota Alves, Vivienne Artz, Marie Penot, Annelies Moens) and amazing topics (such as Sharenting, a tribute to Ruth Bader Ginsburg, Schrems II guidance, laws from around the world , social justice, women in privacy, data science, and gaming)Please see the full blog entry for a more complete listing. Check out all the episodes!Thank you and we look forward to 2021.Social MediaTwitter@podcastprivacy, @heartofprivacy, @EuroPaulB, @TrustArcInstagram @SeriousPrivacy
Terms of Service
Do Not Sell My Personal Information
© Stitcher 2021