Privacy & Security Insights with PICCASO

In this episode on "AI Regulation, Governance and Data Privacy Implications", Jenna Franklin brings firsthand insights about the influence of landmark regulations like the EU AI Act and discusses both the advantages and challenges these laws present to innovation and privacy. This episode shares essential strategies for developing effective AI governance programs that ensure responsible AI use and compliance with existing laws. It is imperative that organisations establish robust AI governance programs to effectively manage risk and ensure compliance as legal standards continue to evolve.

In this episode on "Privacy and Blockchain" Ash Costello points out the challenges that blockchain entities face in complying with GDPR requirements due to the inherent characteristics of blockchain and distributed leger technologies, such as immutability and global accessibility.Ash proposes several potential strategies for mitigating risk through transparent disclosure and informed consent for the use of personal data.

In this episode on "The Role of Privacy in ESG" by Julia Bonder-Le Berre, Head of Global Privacy at Iron Mountain she explores the integral role of privacy in the evolving ESG landscape, emphasising its connection to environmental impact, social responsibility, and governance practices.The discussion underscores the potential for organisations to boost their ESG ratings by prioritising privacy principles and advocates for the establishment of global privacy ESG standards as a market differentiator for responsible data governance.

In this episode on "Data Privacy Risk - How To Navigate The Complexities" by Nick Graham, Partner at Dentons Law Firm as he delves into the complexities of data privacy risk, emphasising the evolving legal landscape with a surge in global data privacy laws.The impact of technology, especially generative AI, is highlighted in the context of compliance challenges. Nick discusses various existing frameworks and introduces the PICCASO Privacy Risk Assessment Methodology, launched in November 2023, offering practical insights, metrics, and tools for effective privacy risk management. To read the latest article related to this topic, click here: https://bit.ly/3NafLD0

In this episode on "Blockchain and Privacy - are they contradictory? Vivienne highlights the growth of digital money and cryptocurrencies in the blockchain space and the rising need for privacy to become part of the conversation. The increasing reliance and prevalence of this new form of money and banking in the world raises the question of how privacy can be integrated into blockchain design. Vivienne writes about the various resolutions that need to be addressed as the technology continues to evolve and serve multiple markets. She emphasises several challenges that arise when implementing privacy by design principles within dynamic ecosystems and points out that as the technology becomes more established and increasingly accessible to more consumers, there is a role for the privacy community to engage and help navigate the way forward.

In this episode on "Measuring the Effectiveness of Privacy Regulation' Steve Wright explores the complexity of evaluating privacy regulation effectiveness. He emphasises the need for assistance from external experts, including regulatory authorities, researchers, industry representatives, and civil society organisations. Evaluating privacy regulations requires careful consideration and collaboration due to the multifaceted nature of the task. It's crucial to select accurate data sources and acknowledge that the effectiveness of privacy regulations can change with evolving technology and societal norms.

In this episode "Data Ethics: A Question of Trust?" Cameron Craig will discuss how companies cause potential negative impacts of data collection, use and sharing on individuals and society.It is crucial for businesses to address these ethical challenges by developing clear ethical principles, adopting common assessment frameworks, establishing governance structures, integrating ethical principles into existing frameworks, and providing effective training and communication within the organisation.

In this episode "Managing Third-Party Supplier Risk- a Data Privacy Perspective" Kirsten Mycroft will discuss how companies can outsource data processing activities, whilst they cannot outsource accountability for data protection.She will provide valuable insight on this critical topic and practical tips for effectively managing data privacy risks in third-party outsourcing arrangements.

In this episode, we speak with Graham Hunt, Director of Insights and Data at Capgemini (UK) and Natasja Pieterman, Data Privacy Lead at Capgemini (NL), to explore one of the most significant technological advancements of our time: Generative AI. Graham and Natasja share their perspectives on the implications of Generative AI for the future of privacy. Throughout this episode, they address the following key questions:The practical applications of Generative AI in strengthening privacy protection.The influence of Generative AI on the data protection industry.The frameworks and structures that should be established to safeguard the various applications of Generative AI.Ethical considerations that businesses and developers ought to contemplate.Tune in to gain insights into the effects of generative AI on the landscape of data privacy. Our guests shed light on pertinent issues that businesses and organisations should consider as they integrate this emerging technology into business operations.

In this episode, we had a conversation with Dr Philipp Raether, Group Chief Privacy Officer at Allianz, about the significance of Privacy by Design and Default (PbD) and the protection of personal data within a multinational corporation. Within this podcast episode, Dr Philipp delves into the intricacies of embedding privacy by design, outlining the meticulous steps that yield the desired outcomes. Our discussion encompasses the following subjects:Integrating PbD into AI tools.Tackling data minimisation in AI undertakings.Navigating challenges encountered while implementing PbD within a worldwide context.Devising strategies to uphold PbD throughout the project lifecycle.Discover the fundamental principles of Privacy by Design and the importance of incorporating these strategies into your privacy programmes, contributing to a strong privacy ethos.You can read Dr Philipp’s article here and learn more about PICCASO at www.piccaso.org.Sign up here to join our growing community and to stay up to date with PICCASO.

In this episode, we discuss Retention & Deletion - The Data Lifecycle with Paul Jordan, the Chair of PICCASO. Paul explores organisations' critical challenges in maintaining strict data policies aligned with GDPR and other data privacy laws.The ever-growing collection of personal and non-personal data in the digital age calls for careful planning and documentation of the data lifecycle.Unfortunately, many companies overlook the importance of retention and deletion in their data governance efforts, leading to potential risks and legal exposure.Discover the fundamental principles of data lifecycle management that can strengthen data retention and deletion processes, ensuring better privacy protection under GDPR.

In this first episode of Privacy Insights with PICCASO, Senior Security Specialist at Microsoft Anne Woodley discusses her article on AI as a Security Ally and the opportunities that this emerging technology creates for the global security landscape.In this podcast episode, some of the ideas we discuss include:The intersection of AI and the cloud in the context of cybersecurity and data protection.The benefits of harnessing the power of the cloud and leveraging AI to analyse data effectively.Evaluating the effectiveness and reliability of AI-powered security solutionsYou can read Anne's article and learn more about PICCASO at www.piccaso.orgSign up here to join our community and to stay up to date with PICCASO, upcoming events and our podcast episodes.