Claim Ownership

Author:

Subscribed: 0Played: 0
Share

Description

 Episodes
Reverse
In this episode of Serious Privacy, Paul Breitbarth of Catawiki and Dr. K Royal of Outschool take some time to review recent events in the privacy / data protection world. This week, this means they cover the Connecticut Act concerning Personal Data Privacy and Online Monitoring Act - the PDPOM… Paul has a cool name for it. Connecticut’s act passed on May 10, 2022 and takes effect July 1, 2023 - along with CPRA and Virginia on January 1, 2023; Colorado also on July 1, 2023; Utah on December 31, 2023  Please also see the recent state laws webinar from TrustArc and the state whitepapers.This leads into the Roe v. Wade US Supreme Court leaked draft decision and then on to Europe with a study conducted  by the  Radboud University in the Netherlands, imec-COSIC, KU Leuven (a Catholic research university in the city of Leuven, Belgium), and University of Lausanne in Switzerland. These researchers looked at thousands of websites and their “leaky forms.” Leaky forms are those that capture data before the individual submits it, so companies get a lot of data that they should not have, including passwords. This may not be purposeful, but it is concerning. The full paper is published here.As always, if you have comments or questions, let us know - LinkedIn, Twitter @podcastprivacy @euroPaulB @heartofprivacy @trustArc and email seriousprivacy@trustarc.com. Please do like and write comments on your favorite podcast act so other professionals can find us easier. 
In this episode of Serious Privacy, Paul Breitbarth  and Dr. K Royal connect with Victoria Beckman, the lead over Microsoft Digital Crimes Unit for the Americas and an award-winning woman in cybersecurity. Victoria is a former law student of K’s at the Sandra Day O’Connor College of Law at Arizona State University and they both wound up in privacy-related fields. Of course, Victoria’s route to her current role was quite indirect, including a background in engineering.We focus on a recent special report by Microsoft on the cyberwarfare being conducted in the Ukraine by Russia, aloing with Microsoft’s annual digital defense report, the last one issued in 2021. Join us as we discuss these hot topics, along with data protection basics, such as passwords (as also discussed by K and her husband Tim in episode 34 in season 2) and phishing attacks. As always, please feel free to reach out to us at seriousprivacy@trustarc.com or on LinkedIn for Serious Privacy and TrustArc (as well as Paul and Dr. K). You can reach us on Twitter @TrustArc @PodcastPrivacy @EuroPaulB and @HeartofPrivacy. Please also rate and review us in your favorite podcast app and share us with your friends. 
In this episode of Serious Privacy, Paul Breitbarth introduces an episode where Dr. K Royal caught up with several individuals at the IAPP Global Privacy Summit held in Washington DC at the Marriott Marquis. It was a truly wonderful event, the first Global privacy Summit since 2019, with thousands of privacy professionals in attendance. Attendees included professionals from all over the world, those with nonprofits, with private companies, with start-up companies, government representatives, in-house and outside firm attorneys, security professionals, regulators, and more!Join us to listen to snippets of conversation with some people you may know and some you may not. Featured in this episode are Trevor Hughes, CEO of the IAPP, Eduardo Ustaren of Hogan Lovells, David Cohen of IAB, Emil Ochotta with Google, Jörn Wittmann and Gabriela Mercuri with Scope Europe, and ShanShan Pa now with State Street. Although K Intended to include short snippets from some truly world class keynote speakers and some of the sessions that she attended, the sound quality just wasn't good enough to be able to add them. We're pretty sure the IAPP will include some recordings but if they don't - just know if you weren't there, you missed a really good conference.As always, please do rate and review us in your favorite podcast app - and if you let us know, we will send you a sticker!
This episode of Serious Privacy, sponsored by TrustArc, heads south to Africa. Paul Breitbarth of Catawiki and Dr. K Royal of Outschool chat with Teki Akuetteh, the first Executive Director of the Ghana Data Protection Authority and current Chair of the Africa Digital Rights Hub.  The conversation covered quite a bit of ground, starting with how privacy has developed in Africa, cybersecurity, and how enforcement has grown demonstrating the advance of privacy in Africa as a whole, although some nations are a little more ahead than others.Topics touched on some countries, such as Ghana, South Africa, and Burkina Faso, alog with the awareness of data privacy in the public realm. Also, the role technology and telecoms in particular contribute to the need and the drive of data privacy.  Join us as we discuss Teki's experience in the developing tech world in Africa, the challenges and successes she has seen, and how she got into the field to begin with. As always, you can catch Serious Privacy in your favorite podcast app or listen to it straight from your device. Please do let us know what you think about the topics and what you might want to hear. Rate and review us - that always helps! and connect with us on LinkedIn or Twitter. @EuroPaulB @HeartofPrivacy @TrustArc @PodcastPrivacy. Remember to check for upcoming webinars and ask about Privacy Central from TrustArc.
On this episode of Serious Privacy, sponsored by TrustArc, Paul Breitbarth and K Royal some with Angelique Carson. Angelique is currently with TerraTrue but Paul and K know her best from when she was with the IAPP, International Association of Privacy Professionals. Angelique had launched the IAPP's podcast years ago,  where K was one the very first guests.The conversation flows from podcasts with its challenges and triumphs to how the privacy profession has grown over the past decade. They also discussed how professionals, whether attorneys or not,  can enter the hottest growing field.  The barriers to entry aren't insurmountable, but being successful does require a certain perspective. And if you are looking for the GDPR website K was referring to - you'll find it here.Join us as we reminisce and review what it means to be in privacy,  the changes we've seen worldwide,  and our perspective on the state of this fascinating field.In addition,  K and Angelique are attending the IAPP's Global Privacy Summit in DC April 11 - 13. This is the first GPS in three years and it's sure to make history.As always, if you like the Serious Privacy podcast, tell everyone -rate and review us in your favorite podcast app. You will find us on LinkedIn and Twitter @podcastprivacy, along with TrustArc, K as @heartofprivacy and Paul as @EuroPaulB. 
In the 100th episode of Serious Privacy, Paul Breitbarth and Dr. K Royal connect with two of the biggest names in the privacy field, Chris Babel, the CEO of TrustArc and Hilary Wandall, Chief Compliance Officer at Dun and Bradstreet. Both Chris and Hilary were instrumental in launching Serious Privacy and critical to its success.In this completely unscripted and candid conversation, the four of them touch on both philisophical aspects of privacy and practical application. No topic was off limits! They ranged from the replacement to Privacy Shield to the growth of privacy as a career to ESG. Join them for a rousing discussion - that goes a little longer than usual. And as a special treat, we also have an interview with Immaculate Kassait, the Data Commissioner of Kenya. Feel free to comment on Twitter (@podcastprivacy @trustarc @euroPaulB @heartofprivacy) or on LinkedIn for Serious Privacy your thoughts in response.Don't forget to catch K at IAPP Global Summit April 11 - 13 for stickers and spur-of-the-moment interviews and also register for upcoming TrustArc webinars.
On this episode of Serious Privacy, Paul Breitbarth of Catawiki and Dr. K Royal of Outschool review what might seem to be small events in privacy developments, but are really robust once reviewed. They touch on a spotify case in Barcelona, the Spanish Data Protection Commissioner search on hold, and events in Belgium. In addition, on the US side, a DC judge ruled that Mark Zuckerberg could not be added to the Cambridge Analytica case personally.At the same time, the Irish DPC entered the first Article 60 review and issued Facebook a $17M fine.  The DPC is also facing a lawsuit by the Irish Council for Civil Liberties. Meanwhile, the New York police department is facing a lawsuit for its massive DNA database that they have collected over the years. Lastly, the Zoom DPIA by Sjoera Nas (please see the prior podcast with her on DPIA processes). Next week is our 100th episode. Tell us what you'd like to hear and thank you for being our friends!As always, if you like the Serious Privacy podcast, tell everyone -rate and review us in your favorite podcast app. You will find us on LinkedIn and Twitter @podcastprivacy, along with TrustArc, K as @heartofprivacy and Paul as @EuroPaulB. 
In this episode of Serious Privacy, Paul Breitbarth and K Royal catch up with the renowned Kirk Nahra, co-chair of both the Big Data Practice and the Cybersecurity and Privacy Practice for WilmerHale.K and Kirk have known each other for years - mostly related to US healthcare law, long before Kirk won the IAPP Vanguard Award in 2021. They discuss the US Health Insurance Portability and Accountabilit  Act of 1996, along with its subsequent amendments, known as HIPAA. But they also discuss information blocking and protecting COVID-19 data in this current global environment, and the reputation of US privacy laws.Join us for a lively discussion of privacy, adult kids, and teaching privacy at US law schools. Kirk also talks about an insightful journal article he always references in his class. As always, if you like us - tell the world! You can find us on Twitter @podcastprivacy @trustarc @europaulb @heartofprivacy.  We're also on LinkedIn. We are coming up to our 100th episode, so let us know if you have any questions you'd like us to address. Register for the TrustArc Webinar How to Prepare Your Business for Privacy Changes in the Middle East & North Africa on March 29 at 9 am PST.
We live in strange times that often remind us how important it is to live our lives in freedom and to enjoy our fundamental rights. This week on Serious Privacy, Paul Breitbarth and K Royal talk about the war in Ukraine, but also about a lot of data protection related developments around the world. Topics include the new privacy law that is awaiting the Governor’s signature in Utah, proposed changes to the Budapest Convention on Cybercrime and the response of the European Data Protection Board to it, new guidance on using codes of conduct to transfer personal data out of Europe, getting started in a new data protection role and more. As always, please feel free to share your thoughts with us. Follow us on LinkedIn as Serious Privacy and on Twitter @podcastprivacy @EuroPaulB and @HeartofPrivacy. ResourcesThe Utah Consumer Privacy ActThe Council of Europe Budapest Convention on CybercrimeSecond additional protocol to the Budapest ConventionEDPB response to the Second additional protocolEDPB guidelines on codes of conduct to transfer personal data
This week on Serious Privacy, Paul Breitbarth and K Royal speak with Sjoera Nas. Sjoera is a long time privacy professional and privacy activist. She became involved with digital rights in the late 1990s and early 2000s, while working for the Dutch internet service provider XS4all, and later for civil rights group Bits of Freedom. But Sjoera is probably best known for her work at the Dutch Data Protection Authority, where she took the lead within the so-called Internet Team, leading investigations into anything that was happening online, from cookies and trackers, to interactive television, search engines, and picking long fights with ICANN on their WhoIs register and telco’s on data retention. Since four years, Sjoera is a consultant for Privacy Company, still based out of the Netherlands, but doing work with global impact. Together with her team, she writes extensive data protection impact assessments on a range of cloud services, like Office365, Google Workspace and Microsoft Sharepoint and OneDrive. Her customer: the Dutch government and higher education system, which surely helps when it comes to negotiating risk mitigation measures. During this episode, we talk at length about conducting technical deep dive DPIAs, that everyone can benefit from, and negotiating risk mitigating measures with Big Tech. But we also cover international transfers (remember those?) and Google Analytics alternatives.As always, please feel free to share your thoughts with us - therewill be a year end show on the best episodes. Get your vote counted! Follow us on LinkedIn as Serious Privacy and on Twitter @podcastprivacy @EuroPaulB and @HeartofPrivacy. ResourcesThe blog posts linked below contain the summaries of each of the DPIAs referred to during the podcast. Via the blog, you will also find the full DPIA document, including annexes, to read. Even though they are lengthy, we highly recommend reading and using them if your company uses any of these products.The Privacy Company blog Blog post about the DPIA for Microsoft Sharepoint, OneDrive and TeamsBlog post about the DPIA for Google WorkspaceBlog post about the DPIA for Office365Blog post about Google Analytics alternatives (in Dutch only)SLM Rijk (the Shared Service Center for the Dutch Government) DPIA Overview The NoGA project (No Google Analytics)
In this week of Serious Privacy brought to you by TrustArc, Paul Breitbarth  and K Royal share some news, discuss current events, and review both recent privacy developments and upcoming guests for the show. Topics covered include decisions involving tech companies, such as Facebook, Google, and Grindr, as well as general information on assessing risks. Join us as we discuss privacy from our perspective in the midst of a war in Europe. Our hearts and prayers go out to those impacted, most especially the people of Ukraine. Please also register for the upcoming TrustArc webinars, the next one on March 8 on COVID-19, Two Years Later – Still A Data Privacy Challenge. Click to register here.  Also, if you are wondering if tracking privacy efforts using spreadsheets is sufficient, check out this blog. 
In this week of Serious Privacy by TrustArc, K Royal and Paul Breitbarth have a conversation with Anne-Charlotte Recker and Julian Deckers of the Belgian Data Protection Authority. Both work for the DPAs Litigation Chamber, which on 2 February 2022 released their long-awaited decision on the legality of the Transparency and Consent Framework (TCF) developed by the Interactive Advertising Bureau (IAB). The decision will likely have a significant impact on the future of cookie banners. Not only did the Belgian DPA find that the current banners following the TCF model are not transparent enough, they also use legal bases for many data collections that are not possible.Join us as Anne-Charlotte and Julian explain all about the background of the procedure, the decision that was made and what to expect next. They also explain the concept of Real-Time Bidding that is used in online advertising (the PhD Thesis of dr. Rob van Eijk on this topic can be found here). Since our recording, the Dutch DPA has indicated to various media outlets that the use of the IAB TCF in the Netherlands should be ended effective immediately, thus going a step further than the Belgian DPA. Thank you for listening to another episode of Serious Privacy. If you like our series, please do tell your friends and colleagues about us, and rate and review our episodes in your favourite podcast app or on your favourite podcast platform. Should you have any questions or suggestions, please reach out to us via seriousprivacy@trustarc.com or info@seriousprivacy.eu, or via Twitter at @podcastprivacy. You find us on LinkedIn as Serious Privacy. You will find On Twitter, look for @TrustArc, @heartofprivacy, and @EuroPaulB.
In this week of Serious Privacy by TrustArc, K Royal and Paul Breitbarth catch up with one of the oldest and most respected names in privacy, Marty Abrams, the Executive Director and Chief Strategist of the Information Accountability Foundation. Marty has 35 years of experience as an information and consumer policy innovator. Multi-stakeholder collaboration has been a key for him in developing practical solutions to dilemmas in information policy. The IAF has among other things prepared reports on Trustworthy People Beneficial Data Activities and on Fair and Ethical Data Processing, as well as drafted model privacy legislation for countries, including the United States, around the world. Join us as we discuss the United Kingdom and their recent activities in law, AI, such as training data for machine learning, and legitimate interest for advertising data. The IAF responded to the call for consultation. Marty also shared his thoughts on whether the GDPR, as it currently stands, can last 20 years. Other topics include cross-border transfers of data, government transparency, and model legislation.Thank you for listening to another episode of Serious Privacy. If you like our series, please do tell your friends and colleagues about us, and rate and review our episodes in your favorite podcast app or on your favourite podcast platform. Should you have any questions or suggestions, please reach out to us via seriousprivacy@trustarc.com or info@seriousprivacy.eu, or via Twitter at @podcastprivacy. You find us on LinkedIn as Serious Privacy. You will find On Twitter, look for @TrustArc, @heartofprivacy, and @EuroPaulB.
On 28 January 1981, the Council of Europe opened up the Convention 108, the world’s first globally binding instrument on the protection of personal data.  Since 2007, the privacy community celebrates International Data Protection Day (Data Privacy Day). For  #SeriousPrivacy, it is our season launch. K Royal and Paul Breitbarth talk about many of the recent developments in data protection and we play a new game: Privia Pursuit. Let us know if you think it has potential. Join them for a broad discussion that involves  TrustArc’s Webinar on India, Saudi Arabia data protection legislation, China’s PIPL, Quebec Bill 64 ( Serious Privacy episode with Constantine Karbaliotis and Jennifer Stoddart), US state laws (please see TrustArc’s paper on US State legislation), and Google analytics (see Dutch DPA’s Google Analytics guidance (in Dutch), Austria DPA’s Google Analytics decision,  EDPS Google Analytics decision,  Guernsey DPA, and Danish DPA). We also touch on the Dutch class action that was thrown out, and the cyber attack on the ICRC.It’s not all work - we also include the Mauritshuis museum in The Hague, Disney’s Encanto, and Paul’s paper on a Risk-based Approach to International Data Transfers in the European Data Protection Law Review.Please follow us on your favorite podcast app - we love ratings and comments. We're also on Twitter (@podcastprivacy, @trustarc, @euroPaulB, @heartofprivacy), and on LinkedIn for Serious Privacy. 
This week on Serious Privacy, Paul Breitbarth and K Royal say goodbye to season 2 of Serious Privacy and look forward to season 3. 2021 might be a year that many of us actually would like to forget but for the privacy community, it was an exciting year and a lot of good things have happened. We have new laws, new guidance, more enforcement and court decisions, and a continuously expanding field of privacy professionals. The podcast continued to grow - this is the 91st episode and well over 50,000 downloads to date - and received wide recognition, including from the master of the privacy podcast directory Jeff Jockisch! A few weeks ago, you already heard predictions from lots of IAPP Brussels visitors for 2022. Today, you’ll hear ours. Will they come true? Do you agree? We had amazing guests on this season and our first season. It is difficult to choose which ones to feature in this episode. Some episodes are chosen by the listeners, so those are easy, but the others - not so easy at all. You will hear select clips from Helen Dixon about international investigations and dealing with criticism, Romain Robert with noyb (about enforcement taking time), tracking and dark patterns, from episode 36 (Jocelyn Paulley, Partner at Gowling WLG in London and Lindsey Schultz, Senior Counsel at Global Privacy for Visa), Eric Cole (cybersecurity and ethical hackers - episode relevant again because of Log4Shell), and Emerald de Leeuw (recommendation for Paul to get started) - along with information on PIPL and SCCs. As always, please feel free to share your thoughts with us - therewill be a year end show on the best episodes. Get your vote counted! Follow us on LinkedIn as Serious Privacy and on Twitter @podcastprivacy @EuroPaulB and @HeartofPrivacy. 
This week on Serious Privacy, Paul Breitbarth and K Royal take some time to review recent events or developments in privacy and data protection. With little happening in the U.S. (where is Ohio’s privacy law?), the focus is more on Europe and India. K and Paul discuss the European Data Protection Board’s recent guidance on international transfers, the new decision by the Wiesbaden court (in Hesse, Germany) on cookies and the U.S., and the highest fine to date in the Netherlands. Join K and Paul as they explore what the U.S. Cloud Act has to do with cookies. It’s not really clear, but more information has come with the publishing of the interim order. And lastly, there is news to share on a personal level. Tune in to find out. As always, please feel free to share your thoughts with us - therewill be a year end show on the best episodes. Get your vote counted! Follow us on LinkedIn as Serious Privacy and on Twitter @podcastprivacy @EuroPaulB and @HeartofPrivacy. ResourcesThe German case decision on cookies The white paper on the US Cloud Act 
This week on Serious Privacy, Paul Breitbarth and K Royal speak with Lourdes Turrecha. Where a year of five ago many companies could still run their data protection and privacy compliance programs with email, spreadsheets and word files, today’s reality is completely different. Accountability, documentation and reporting requirements are much more detailed and widespread than they were before. Privacy technology is on the rise, and we sure know something about that at TrustArc! But privacy tech is not just about privacy management - it is also about privacy enhancing technologies, smarter processing technology and improved data security. Our guest this week knows all about this. Lourdes is the Founder & CEO of PIX LLC, an innovative privacy firm in Silicon Valley, and the Founder and Chief Privacy Tech Evangelist of The Rise of Privacy Tech (TROPT), a movement that brings together privacy innovators, investors, experts, and evangelists to further privacy innovation. She is also Privacy Tech & Law Fellow and Adjunct Professor of Privacy Law at Santa Clara University School of Law.As always, if you have any questions or comments, please feel free to contact us at seriousprivacy@trustarc.com. In addition, if you like our podcast, please do rate and comment on our program in your favorite podcast app. We also have a LinkedIn page for Serious Privacy, so please follow for more in-depth discussion.ResourcesThe 2021 Defining the Privacy Tech Landscape white paper Privacy Tech Startup Deal Flow (for startups that are fundraising)TROPT Innovators membership (to get plugged into the privacy tech space and build relationships with other privacy tech founders, investors, and experts)TROPT Data Privacy Week 2022
This week on Serious Privacy, Paul Breitbarth and K Royal take to the streets, so to speak, at the IAPP global conference in Brussels. Well, Paul did and K benefitted. Join us as we hear the thoughts, predictions, and worries of fabulous privacy professionals. [Paul relayed the comments that he received - it was humbling & heartwarming, so thank you! As much as you appreciate us, we return the respect tenfold.]Predictions and worries include thoughts on AI, using data for good, awareness of our digital beings, children's privacy, Brexit, joint enforcement, and other wildly exciting privacy / data protection topics. Most of these are top of mind for many of us... or are they?A big thank you to all of our guests for this episode:Alexander Hanff Hanff & CoAndreea Lisievici VolvoAnna Pouliou DeloitteAoife Sexton TruataBojana Bellamy CIPLCaroline Olstedt Carlström CirioEstelle Massé Access NowGabriela Zanfir-Fortuna Future of Privacy ForumRob van Eijk Future of Privacy ForumTrevor Hughes IAPPUpcoming Privacy Shield webinar 1 DECAs always, if you have any questions or comments, please contact us at seriousprivacy@trustarc.com. If you like our podcast, please do rate and comment in your favorite podcast app. We also have a LinkedIn page for Serious Privacy.
This week on Serious Privacy, Paul Breitbarth welcomes K Royal, the recently-approved PhD graduand (yes, it’s a word) fresh from her dissertation defense on Privacy Complaince in US Universities. Many of our listeners likely participated in the nearly-anonymous Delphi Method part of her research, where privacy professionals around the world answered a series of questions to determine critical parts about privacy in the university setting. These included triggers, program elements, and risk factors. Her PhD is in public affairs, a fitting match for privacy law, from the University of Texas at Dallas, the School of Economic, Political, and Policy Sciences.Join us as we discuss the substance of privacy law at US universities, some common misperceptions, but also the difference in the PhD process between the US and Europe. Some of your favorite topics come up, such as CCPA, GDPR, and HIPAA. Also, her research involves the complexity of managing privacy law in a complex environment, bringing in Complexity Theory as a framework. Complex Adaptive Systems was used in terms of privacy law by Zhang and Schmidt when considering China’s privacy law back in 2015 in their paper Thinking of data protection law's subject matter as a complex adaptive system: A heuristic display.As always, if you have any questions or comments, please feel free to contact us at seriousprivacy@trustarc.com. In addition, if you like our podcast, please do rate and comment on our program in your favorite podcast app. We also have a LinkedIn page for Serious Privacy, so please follow for more in-depth discussion.
This week on Serious Privacy, Paul Breitbarth and K Royal jump back across the ocean to North America. While everyone is focused on the Chinese Personal Information Protection Law that was passed on August 20 and went into effect November 1, 2021, Quebec quietly passed Bill 64, (C-11) “An Act to modernize legislative provisions as regards the protection of personal information.” It received assent on September 22, 2021, with a majority of its provisions coming into force over the next two years. Joining the podcast today are two experts in Canadian privacy law, Jennifer Stoddart and Constantine Karbaliotis. Jennifer was the Privacy Commissioner of Canada from 2003 to 2013 and previously served as the Chair of the Commission d'accès à l'information du Québec from 2000 to 2003 and has also held positions on the Human Rights Commissions of Canada and Québec. Constantine is likewise no slacker when it comes to privacy law, having nearly 20 years experience in both the private and public sector, helping companies comply with complex privacy laws from US, Canada, and the EU.Join us as we discuss the ins and outs of the new Quebec law, the complications you might see, the necessary steps you need to take to be compliant. In the conversation, we will also discuss some of the nuances with integrasting privacy programs and how GDPR impacts Canadian activities.As always, if you have any questions or comments, please feel free to contact us at seriousprivacy@trustarc.com. In addition, if you like our podcast, please do rate and comment on our program in your favorite podcast app. We also have a LinkedIn page for Serious Privacy, so please follow for more in-depth discussion.
Comments 
Download from Google Play
Download from App Store