Masters of Privacy

Tejas Manohar is the co-founder and co-CEO of Hightouch. Prior to founding Hightouch, Tejas was an early engineer at Segment, a leading Customer Data Platform (CDP) acquired by Twilio.  The following topics have been covered in this interview: Current limitations of Customer Data Platforms (CDP) as a core building block of the marketing data stack The value of composable CDPs and Reverse ETL Privacy compliance challenges of CDPs and customer data integration as a whole Potential overlaps with Data Clean Rooms References: Tejas Manohar on LinkedIn Traditional CDP vs. Composable CDP: What is the difference? Revenge of the silos: How privacy compliance is cutting the customer journey short (Sergio Maldonado) This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Molly Martinson is a lawyer at Wyrick Robbins, a Raleigh-based law firm with outstanding privacy compliance credentials. She advises clients on a whole range of applicable privacy frameworks (CCPA, CPRA, FCRA, CAN-SPAM, COPPA, HIPAA), data breaches, laws regulating data brokers, and laws governing website and mobile application privacy policies. She also regularly advises international and U.S.- based clients on the applicability and requirements of the EU General Data Protection Regulation (GDPR).  Molly received her B.A., cum laude from Wake Forest University and her J.D. with honors from UNC Schoolors Writing Scholar. She also received the Gressman-Pollitt Award for Excellence in Oral Advocacy. Molly served as a law clerk to the Honorable Robert N. Hunter, Jr. on the Supreme Court of North Carolina and the North Carolina Court of Appeals before entering private practice. References: Molly Martinson on LinkedIn California Consumer Privacy Act Virginia Consumer Data Protection Act Colorado Privacy Act Utah Consumer Privacy Act Summary of the Texas Data Privacy and Security Act (National Law Review) Connecticut Data Privacy Act Florida Privacy Protection Act Montana Consumer Privacy Law Oregon Consumer Privacy Act Global Privacy Control Wyrick Robbins This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Romain Robert is member of the litigation chamber of Belgium’s Supervisory Authority. He worked in various Brussels law firms between 2002 and 2011. Between 2007 and 2011, he was also a researcher at the Research Centre in Law and Society at the University of Namur. In 2011, he joined Belgium’s Supervisory Authority as a legal advisor. He worked as legal officer at the Policy and Consultation Unit of the European Data Protection Supervisor (EDPS) as of 2015 and joined the Secretariat of the European Data Protection Board (EDPB) in May 2018. In April 2020, Romain joined NOYB - an NGO conducting strategic litigation to enforce digital rights - where he was Program Director until July 2023. References: Romain Robert on LinkedIn EDPS Opinion on the Proposal for a Directive on certain aspects concerning contracts for the supply of digital content Sergio Maldonado, How the Digital Content Directive will break the GDPR NOYB Robert Bateman: Consent or Pay EDPB Guidelines 05/2020 on consent Giovanni Buttarelli (former EDPS), “Privacy 2030: A Vision for Europe” (IAPP) This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Renzo Marchini, London-based partner at Fieldfisher's Data and Privacy team, discusses the unintended consequences of the EDPB's Guidelines on storage and access beyond cookies. They explore the history of the privacy directive, the impact on companies beyond cookies, and the challenges of consent management platforms.

Nina and Sergio run through the most relevant news of the past three months at the usual intersection of marketing, data, privacy, and technology - stopping at a few less commented and yet quite relevant fines, guidelines, or upcoming legal frameworks. In particular, this episode covers:  Dark patterns in recent EU enforcement actions  EDPB Guidelines on the technical scope of the ePrivacy Directive The 23andMe data breach 40 states suing Meta over Insta/FB’s impact on the mental health of teenagers Best of all, we managed to avoid OpenAI’s drama. With Nina Müller and Sergio Maldonado. References: [ES] AEPD fine resulting from the use of dark patterns in the acceptance of third party recipients (Expansion) Irish watchdog fines TikTok €345M for mishandling kids' data (The Register) 23andMe user data targeting Ashkenazi Jews leaked online (NBC News) EDPB Draft Guidelines 2/2023 on Technical Scope of Art. 5(3) of ePrivacy Directive  Dozens of states sue Meta over youth mental health crisis (The Verge) Masters of Privacy - Arielle Garcia: How privacy awareness leads to respectful, effective marketing This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Arielle Garcia combines a really good understanding of the advertising industry with award-winning expertise in privacy and responsible data use. She is the founder of ASG solutions, a consultancy firm specifically focused on helping marketers drive sustainable growth through respectful marketing and was previously UM Worldwide’s Chief Privacy Officer. She holds a JD from Fordham University and has been recognised as a Top Woman in Media and AdTech by AdExchanger in 2023 (as well by others in prior years). In 2021 she was inducted to the American Advertising Federation’s Advertising Hall of Achievement due to her impact on the industry. What we have covered in this episode: The bigger picture of privacy challenges in the digital marketing industry Cookie and pixel inventories Does more data mean better results? Privacy consequences of the new “black box” offerings from the walled gardens Unconsented signals and Conversions APIs US-specific concerns regarding the use of health-related data in programmatic advertising Aligning customer expectations of privacy with business results References: Arielle Garcia, An Industry In Conflict: It’s Time For Tough Questions And Hard Decisions (Ad Exchanger) Arielle Garcia on LinkedIn Arielle Garcia on X This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Jeffrey Bustos is the VP, MAD (Measurement Addressability Data) + Commerce at the IAB where he develops industry standards and guides for measurement and addressability solutions to enable revenue growth, efficiency, and scale with a focus in Retail Media Networks, Video / Advanced Television, and Privacy Enhancing Technology. His projects include: Categorization & Definitions Buyers Guide for Retail Media, Data Clean Rooms and Privacy Preserving Solutions Research, and Attention & Engagement Metrics Standards.  Previously, Jeffrey worked at GroupM where he led Data & Audience Strategy for eCommerce clients, assisting them with cookieless solutions, audience strategy & activation, as well as data taxonomy & identity resolution for CDPs and Data Clean Room activations. References: Jeff Bustos on LinkedIn Retail Media Networks Buyer’s Guide (IAB) IAB: Navigating the Privacy landscape (video)   This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Cristiana Santos is Assistant Professor in Privacy and Data Protection Law at Utrecht University, holding a joint international Doctoral Degree in Law, Science and Technology from the University of Bologna, and a Ph.D. in Computer Science from the University of Luxembourg. She is an expert of the Data Protection Unit at the Council of Europe; expert for the implementation of the EDPB's Support Pool of Experts; and expert of the Digital Persuasion or Manipulation Expert Group. She holds an International Chair Starting Career position at the National Institute for Research in Digital Science and Technology (INRIA, 2023-2026) to work on technical and legal aspects of data protection. Prior to joining academia, Cristiana was a lawyer and worked as a legal adviser and lecturer at the Portuguese Consumer Protection Organization. Victor Morel holds a Ph.D in Computer Science from INRIA and works at the Security & Privacy Lab of Chalmers University in Gothenburg (Sweden). He is working on usable privacy for IoT applications, and his interests encompass privacy, data protection, networks security, usability and Human-Computer Interactions, applied cryptography, and the broad spectrum of ethics in technology. He is also a member of FELINN’s collegiate council, a French association (1901) defending decentralization, privacy, and free software through popular education. Cristiana and Victor have co-authored a recent paper titled “Legitimate Interest is the New Consent – Large-Scale Measurement and Legal Compliance of IAB Europe TCF Paywalls”. With them we are directing our attention to consent walls in the context of publishers and the open market, having already dedicated two recent interviews to the “consent or pay” model as it concerns Instagram and Facebook (ie. Meta). We will also try to understand the challenges and potential conflicts of interest faced by CMP (Consent Management Platform) vendors.  References: Cristiana Santos at Utrecht University Victor Morel’s bio and projects Legitimate Interest is the New Consent – Large-Scale Measurement and Legal Compliance of IAB Europe TCF Paywalls (Cristiana Santos, Victor Morel, Viktor Fredholm, Adam Thunberg, 20/9/2023) Upcoming Workshop on Privacy in the Electronic Society - with Victor Morel (Copenhagen, November 26th 2023) EDPB: Report of the work undertaken by the Cookie Banner Taskforce CJEU to consider questions from IAB Europe TCF decision (Techcrunch) German court bans LinkedIn from ignoring “Do Not Track” signals (Townflex) Your Consent Is Worth 75 Euros A Year -- Measurement and Lawfulness of Cookie Paywalls (20/9/2022) IAB TCF 2.2 specification   This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Jeff Jockisch is an independent data privacy researcher at PrivacyPlan. He is also Chief Privacy Officer and partner at Avantis Privacy. Prior to compiling the largest known database of data brokers, he spent many years working with startups, technology, and data. He studied Organizational Behavior at Cornell and holds a CIPP/US accreditation (IAPP). Our primary questions today: Can the (brand new) California "Delete Act" or the GDPR be sufficient to avoid major AI-powered phishing attacks? Is there anything else that we could do as individuals or businesses? References: Jeff Jockisch on LinkedIn California “Delete Act” (2023) FTC: How to Recognize and Avoid Phishing Scams Privacy Plan Avantis Privacy Permission Slip, by Consumer Reports   This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Robert Bateman is a data protection writer, trainer, and consultant. He has published innumerable articles on the topic, as well as led panel discussions and interviewed key well-known figures in the space on stage, at well-known privacy conferences. Besides freelancing as content creator, he is an associate with Act Now Training and a Subject Matter Expert with Heward Mills, a data protection consultancy.  With Robert we have addressed the recent public outcry about Instagram and Facebook becoming paid services for whoever does not want to see ads or consent to the data processing involved in running them. Given that we have already got used to seeing cookie walls on European news websites (in Germany, France, or Italy), we have aimed to open the wider debate around “Consent or Pay” business models. References: Le Conseil d’État annule partiellement les lignes directrices de la CNIL relatives aux cookies et autres traceurs de connexion Victor Morel, Cristiana Santos, Viktor Fredholm, Adam Thunberg: “Legitimate Interest is the New Consent – Large-Scale Measurement and Legal Compliance of IAB Europe TCF Paywalls” Report of the work undertaken by the EDPB Cookie Banner Taskforce IAB Europe Transparency and Consent Framework 2.2 (stops conflating legitimate interest and consent) EDPB Guidelines 05/2020 on consent under Regulation 2016/679 Robert Bateman on Twitter Robert Bateman on LinkedIn Giovanni Buttarelli (former EDPS), “Privacy 2030: A Vision for Europe” Google Privacy Sandbox This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe