Serious Privacy

Send us Fan MailIn this week of Serious Privacy brought to you by TrustArc, Paul Breitbarth  and K Royal share some news, discuss current events, and review both recent privacy developments and upcoming guests for the show. Topics covered include decisions involving tech companies, such as Facebook, Google, and Grindr, as well as general information on assessing risks. Join us as we discuss privacy from our perspective in the midst of a war in Europe. Our hearts and prayers go out to those impacted, most especially the people of Ukraine. Please also register for the upcoming TrustArc webinars, the next one on March 8 on COVID-19, Two Years Later – Still A Data Privacy Challenge. Click to register here.  Also, if you are wondering if tracking privacy efforts using spreadsheets is sufficient, check out this blog.  If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.

Send us Fan MailIn this week of Serious Privacy by TrustArc, K Royal and Paul Breitbarth have a conversation with Anne-Charlotte Recker and Julian Deckers of the Belgian Data Protection Authority. Both work for the DPAs Litigation Chamber, which on 2 February 2022 released their long-awaited decision on the legality of the Transparency and Consent Framework (TCF) developed by the Interactive Advertising Bureau (IAB). The decision will likely have a significant impact on the future of cookie banners. Not only did the Belgian DPA find that the current banners following the TCF model are not transparent enough, they also use legal bases for many data collections that are not possible.Join us as Anne-Charlotte and Julian explain all about the background of the procedure, the decision that was made and what to expect next. They also explain the concept of Real-Time Bidding that is used in online advertising (the PhD Thesis of dr. Rob van Eijk on this topic can be found here). Since our recording, the Dutch DPA has indicated to various media outlets that the use of the IAB TCF in the Netherlands should be ended effective immediately, thus going a step further than the Belgian DPA. Thank you for listening to another episode of Serious Privacy. If you like our series, please do tell your friends and colleagues about us, and rate and review our episodes in your favourite podcast app or on your favourite podcast platform. Should you have any questions or suggestions, please reach out to us via seriousprivacy@trustarc.com or info@seriousprivacy.eu, or via Twitter at @podcastprivacy. You find us on LinkedIn as Serious Privacy. You will find On Twitter, look for @TrustArc, @heartofprivacy, and @EuroPaulB. If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.

Send us Fan MailIn this week of Serious Privacy by TrustArc, K Royal and Paul Breitbarth catch up with one of the oldest and most respected names in privacy, Marty Abrams, the Executive Director and Chief Strategist of the Information Accountability Foundation. Marty has 35 years of experience as an information and consumer policy innovator. Multi-stakeholder collaboration has been a key for him in developing practical solutions to dilemmas in information policy. The IAF has among other things prepared reports on Trustworthy People Beneficial Data Activities and on Fair and Ethical Data Processing, as well as drafted model privacy legislation for countries, including the United States, around the world. Join us as we discuss the United Kingdom and their recent activities in law, AI, such as training data for machine learning, and legitimate interest for advertising data. The IAF responded to the call for consultation. Marty also shared his thoughts on whether the GDPR, as it currently stands, can last 20 years. Other topics include cross-border transfers of data, government transparency, and model legislation.Thank you for listening to another episode of Serious Privacy. If you like our series, please do tell your friends and colleagues about us, and rate and review our episodes in your favorite podcast app or on your favourite podcast platform. Should you have any questions or suggestions, please reach out to us via seriousprivacy@trustarc.com or info@seriousprivacy.eu, or via Twitter at @podcastprivacy. You find us on LinkedIn as Serious Privacy. You will find On Twitter, look for @TrustArc, @heartofprivacy, and @EuroPaulB. If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.

Send us Fan MailOn 28 January 1981, the Council of Europe opened up the Convention 108, the world’s first globally binding instrument on the protection of personal data.  Since 2007, the privacy community celebrates International Data Protection Day (Data Privacy Day). For  #SeriousPrivacy, it is our season launch. K Royal and Paul Breitbarth talk about many of the recent developments in data protection and we play a new game: Privia Pursuit. Let us know if you think it has potential. Join them for a broad discussion that involves  TrustArc’s Webinar on India, Saudi Arabia data protection legislation, China’s PIPL, Quebec Bill 64 ( Serious Privacy episode with Constantine Karbaliotis and Jennifer Stoddart), US state laws (please see TrustArc’s paper on US State legislation), and Google analytics (see Dutch DPA’s Google Analytics guidance (in Dutch), Austria DPA’s Google Analytics decision,  EDPS Google Analytics decision,  Guernsey DPA, and Danish DPA). We also touch on the Dutch class action that was thrown out, and the cyber attack on the ICRC.It’s not all work - we also include the Mauritshuis museum in The Hague, Disney’s Encant If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.

Send us Fan MailThis week on Serious Privacy, Paul Breitbarth and K Royal say goodbye to season 2 of Serious Privacy and look forward to season 3. 2021 might be a year that many of us actually would like to forget but for the privacy community, it was an exciting year and a lot of good things have happened. We have new laws, new guidance, more enforcement and court decisions, and a continuously expanding field of privacy professionals. The podcast continued to grow - this is the 91st episode and well over 50,000 downloads to date - and received wide recognition, including from the master of the privacy podcast directory Jeff Jockisch! A few weeks ago, you already heard predictions from lots of IAPP Brussels visitors for 2022. Today, you’ll hear ours. Will they come true? Do you agree? We had amazing guests on this season and our first season. It is difficult to choose which ones to feature in this episode. Some episodes are chosen by the listeners, so those are easy, but the others - not so easy at all. You will hear select clips from Helen Dixon about international investigations and dealing with criticism, Romain Robert with noyb (about enforcement taking time), tracking and dark patterns, from episode 36 (Jocelyn Paulley, Partner at Gowling WLG in London and Lindsey Schultz, Senior Counsel at Global Privacy for Visa), Eric Cole (cybersecurity and ethical hackers - episode relevant again because of Log4Shell), and Emerald de Leeuw (recommendation for Paul to get started) - along with information on PIPL and SCCs. As always, please feel free to share your thoughts with us - therewill be a year end show on the best episodes. Get your vote counted! Follow us on LinkedIn as Serious Privacy and on Twitter @podcastprivacy @EuroPaulB and @HeartofPrivacy.  If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.

Send us Fan MailThis week on Serious Privacy, Paul Breitbarth and K Royal take some time to review recent events or developments in privacy and data protection. With little happening in the U.S. (where is Ohio’s privacy law?), the focus is more on Europe and India. K and Paul discuss the European Data Protection Board’s recent guidance on international transfers, the new decision by the Wiesbaden court (in Hesse, Germany) on cookies and the U.S., and the highest fine to date in the Netherlands. Join K and Paul as they explore what the U.S. Cloud Act has to do with cookies. It’s not really clear, but more information has come with the publishing of the interim order. And lastly, there is news to share on a personal level. Tune in to find out. As always, please feel free to share your thoughts with us - therewill be a year end show on the best episodes. Get your vote counted! Follow us on LinkedIn as Serious Privacy and on Twitter @podcastprivacy @EuroPaulB and @HeartofPrivacy. ResourcesThe German case decision on cookies The white paper on the US Cloud Act  If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.

Send us Fan MailThis week on Serious Privacy, Paul Breitbarth and K Royal speak with Lourdes Turrecha. Where a year of five ago many companies could still run their data protection and privacy compliance programs with email, spreadsheets and word files, today’s reality is completely different. Accountability, documentation and reporting requirements are much more detailed and widespread than they were before. Privacy technology is on the rise, and we sure know something about that at TrustArc! But privacy tech is not just about privacy management - it is also about privacy enhancing technologies, smarter processing technology and improved data security. Our guest this week knows all about this. Lourdes is the Founder & CEO of PIX LLC, an innovative privacy firm in Silicon Valley, and the Founder and Chief Privacy Tech Evangelist of The Rise of Privacy Tech (TROPT), a movement that brings together privacy innovators, investors, experts, and evangelists to further privacy innovation. She is also Privacy Tech & Law Fellow and Adjunct Professor of Privacy Law at Santa Clara University School of Law.As always, if you have any questions or comments, please feel free to contact us at seriousprivacy@trustarc.com. In addition, if you like our podcast, please do rate and comment on our program in your favorite podcast app. We also have a LinkedIn page for Serious Privacy, so please follow for more in-depth discussion.ResourcesThe 2021 Defining the Privacy Tech Landscape white paper Privacy Tech Startup Deal Flow (for startups that are fundraising)TROPT Innovators membership (to get plugged into the privacy tech space and build relationships with other privacy tech founders, investors, and experts)TROPT Data Privacy Week 2022 If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.

Send us Fan MailThis week on Serious Privacy, Paul Breitbarth and K Royal take to the streets, so to speak, at the IAPP global conference in Brussels. Well, Paul did and K benefitted. Join us as we hear the thoughts, predictions, and worries of fabulous privacy professionals. [Paul relayed the comments that he received - it was humbling & heartwarming, so thank you! As much as you appreciate us, we return the respect tenfold.]Predictions and worries include thoughts on AI, using data for good, awareness of our digital beings, children's privacy, Brexit, joint enforcement, and other wildly exciting privacy / data protection topics. Most of these are top of mind for many of us... or are they?A big thank you to all of our guests for this episode:Alexander Hanff Hanff & CoAndreea Lisievici VolvoAnna Pouliou DeloitteAoife Sexton TruataBojana Bellamy CIPLCaroline Olstedt Carlström CirioEstelle Massé Access NowGabriela Zanfir-Fortuna Future of Privacy ForumRob van Eijk Future of Privacy Forum If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.

Send us Fan MailThis week on Serious Privacy, Paul Breitbarth welcomes K Royal, the recently-approved PhD graduand (yes, it’s a word) fresh from her dissertation defense on Privacy Complaince in US Universities. Many of our listeners likely participated in the nearly-anonymous Delphi Method part of her research, where privacy professionals around the world answered a series of questions to determine critical parts about privacy in the university setting. These included triggers, program elements, and risk factors. Her PhD is in public affairs, a fitting match for privacy law, from the University of Texas at Dallas, the School of Economic, Political, and Policy Sciences.Join us as we discuss the substance of privacy law at US universities, some common misperceptions, but also the difference in the PhD process between the US and Europe. Some of your favorite topics come up, such as CCPA, GDPR, and HIPAA. Also, her research involves the complexity of managing privacy law in a complex environment, bringing in Complexity Theory as a framework. Complex Adaptive Systems was used in terms of privacy law by Zhang and Schmidt when considering China’s privacy law back in 2015 in their paper Thinking of data protection law's subject matter as a complex adaptive system: A heuristic display.As always, if you have any questions or comments, please feel free to contact us at seriousprivacy@trustarc.com. In addition, if you like our podcast, please do rate and comment on our program in your favorite podcast app. We also have a LinkedIn page for Serious Privacy, so please follow for more in-depth discussion. If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.

Send us Fan MailThis week on Serious Privacy, Paul Breitbarth and K Royal jump back across the ocean to North America. While everyone is focused on the Chinese Personal Information Protection Law that was passed on August 20 and went into effect November 1, 2021, Quebec quietly passed Bill 64, (C-11) “An Act to modernize legislative provisions as regards the protection of personal information.” It received assent on September 22, 2021, with a majority of its provisions coming into force over the next two years. Joining the podcast today are two experts in Canadian privacy law, Jennifer Stoddart and Constantine Karbaliotis. Jennifer was the Privacy Commissioner of Canada from 2003 to 2013 and previously served as the Chair of the Commission d'accès à l'information du Québec from 2000 to 2003 and has also held positions on the Human Rights Commissions of Canada and Québec. Constantine is likewise no slacker when it comes to privacy law, having nearly 20 years experience in both the private and public sector, helping companies comply with complex privacy laws from US, Canada, and the EU.Join us as we discuss the ins and outs of the new Quebec law, the complications you might see, the necessary steps you need to take to be compliant. In the conversation, we will also discuss some of the nuances with integrasting privacy programs and how GDPR impacts Canadian activities.As always, if you have any questions or comments, please feel free to contact us at seriousprivacy@trustarc.com. In addition, if you like our podcast, please do rate and comment on our program in your favorite podcast app. We also have a LinkedIn page for Serious Privacy, so please follow for more in-depth discussion. If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.