Serious Privacy

Send us Fan MailDevelopments in privacy sometimes go so quickly, it is almost impossible to keep up. In this episode of Serious Privacy, K Royal and Paul Breitbarth, talk about many of these recent developments in order to bring you up to date again. Join us as we discuss the forthcoming stricter enforcement of cookie rules in France, a German court case prohibiting nudging end users towards accepting a privacy unfriendly option, and yet another set of CCPA Regulations. We welcome the appointments of the very first members of a specific privacy regulator in the U.S. (when will they join the Global Privacy Assembly?) and we talk about a court case in which a private right of action did prove to be possible under HIPAA. You will also hear about the Arizona legislative debate about in-app purchase, possibly forcing Apple and Google to accept more payment methods than they do so far. Alas, the vote did not take place in the end. Finally, we break down some of the highlights of the Virginia Consumer Data Protection Act. As always, if you have comments or feedback, please contact us at seriousprivacy@trustarc.com.Social MediaTwitter - @podcastprivacy, @trustarc, @EuroPaulB, @heartofprivacy, Instagram - @SeriousPrivacy If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.

Send us Fan MailIn this episode of Serious Privacy, K Royal and Paul Breitbarth host the new and first Chief Innovation Officer of the Federal Deposit Insurance Corporation (FDIC) in the US, Sultan Meghji. Sultan has a rich history as co-founder of Neocova which specializes in AI software for financial institutions, an adjunct professor at Washington University’s Olin Business School, a scholar of the Carnegie Endowment for International Peace, and an alum of the FBI Phoenix Citizens Academy - where he met K over a decade ago. But as the first Chief Innovation Officer, the initial focus is on - what is his job description?It is clear that Sultan’s expertise flows across a broad span of what Serious Privacy’s listeners are interested in, such as security and privacy by design, technological innovation in the financial services, and how the US fits into the global market.  Given that Sultan is new to the role, he does not yet have any major policy initiatives to announce, but did provide a teaser on some tech innovation which we should see come out in the near future and which fulfills the FDIC’s desire to advance financial technology on a rapid pace of adoption. Join us as we discuss how the financial market has changed in the past few decades with artificial intelligence, cyberevents, and the ripples of the interconnectedness of the market and technology. We also peek into what the next few decades may look like, but the new normal that we are in, it is difficult to predict any certain future. We also discussed ransomware as a service, engineering resilience, and advantages of liberal democracies. Sultan did emphasize that he wants to hear from the public on ideas for or problems with financial services and technology and he can be reached at innovation@fdic.gov. As always, if you have comments or feedback, please contact us at seriousprivacy@trustarc.com. If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.

Send us Fan MailIn this episode of Serious Privacy, K Royal and Paul Breitbarth connect with Steven (Seven) Waterhouse, PhD, CEO and founder of Orchid, a crypto powered VPN. Given his expertise and how it is harnessed for Orchid, we felt Seven would have quite a bit of technical insight into technologies commonly discussed in conjunction with data protection. He did not disappoint. In this episode, Seven provides insight into the technical side of privacy and the foundations that underpin most concerns - the internet. But in addition, we discuss virtual private networks for consumers and enterprise -  from the perspective of blockchain and crypto. The explanations are easy to digest for those who are not technical minded, but the conversation rises to the level that a technologist can appreciate the discussion. It is well-balanced. Join us as we discuss in app purchases, a bill in Arizona on in-app purchases, ISP, and encryption. There is an “Easter egg” in there referencing back to one (or several) of our prior episodes. We also discuss reporters and safety in third world countries related to their communications, the matrix, bunnies, and privacy-focused technology. In addition, Orchid is offering a summit March 23-24 that is free (plus, TrustArc is doing a summit this week, also free). As always, if you have comments or feedback, please contact us at seriousprivacy@trustarc.com. If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.

Send us Fan MailIn this episode of Serious Privacy, K Royal and Paul Breitbarth connect with Shoshana Rosenberg, Deputy General Counsel for Privacy, Cybersecurity and Data Strategy, as well as CPO and Vice President at WSP USA. However, our conversation is more around the focus of SafePorter, a data trust providing valuable business insights, while respecting the privacy of employees. In essence, the topic is how to address diversity, inclusion, and equity efforts and goals without compromising employee sensitive data. For example, companies should consider inclusivity in their hiring opportunities and internally within development operations, but there is a challenge in understanding progress without having to collect and understand the diversity among applicants and employees. Certainly, this topic touched on social justice issues that the podcast has discussed before, but this time, the conversation centers more on how companies can achieve their goals and before that, why they should have these goals.Shoshana talked about developing Inclusion by Design and holding vendors accountable for inclusivity in their processes. Not an easy effort to manage, but yet with the right focus and goals, achievable. This expands pain points into opportunities to improve and engage corporate social responsibility.  Join us as we discuss IbD in DevOps and being privacy centric, all while managing sensitive information of employees. We also touch on K-anonymity, the UK diversity and inclusion impact assessment, and potential non-profit or volunteer opportunities for privacy professionals.As always, if you have comments or feedback, please contact us at seriousprivacy@trustarc.com.Social MediaTwitter@privacypodcast, @trustarc, @EuroPaulB, @heartofprivacyInstagram@SeriousPrivacy If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.

Send us Fan MailIn this episode of Serious Privacy, K Royal and Paul Breitbarth provide an update on recent happenings in both Europe and the US, some of which are surprising and the other makes no waves across the ocean.First, an unexpected agreement on the ePrivacy Regulation by the EU Members States. This does not mean that the regulation is passed - on the contrary, the Parliament and the European Commission are nearly at polar opposites. They will now enter what is called the “trialogue” where the various parties have to reach an agreement. The ePrivacy Regulation has been in discussion for years with the original intent to enter into effect alongside the EU General Data Protection Regulation (GDPR), but alas, such did not happen. Meanwhile, there is not a draft adequacy decision for the United Kingdom - there are two. In a never-before-seen event, the EU Commission issued two draft decisions - one for the GDPR and one for the  law enforcement directive. The European Data Protection Board will now issue an opinion, which is not binding. However, the interim agreement for trade between the EU and UK will expire June 30, 2021 and cannot be extended. So a decision must be made. On the other side of the ocean, the US is seeing some movement in the Health Insurance Portability and Accountability Act (HIPAA), which does not happen often. Current proposed revisions include proposed enhancements to patient rights, but two other recent happenings include 1) a law passed (HR7898) to provide a cybersecurity safe harbor if a practice has implemented cybersecurity practices and 2) a recent safe harbor for cybersecurity tech donations. Further, they briefly reviewed enforcement waivers due to COVID 19 that have been issued by the Department of Health and Human Services. As always, if you have comments or feedba If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.

Send us Fan MailIn this episode of Serious Privacy, K Royal is joined by guest co-host Ralph O’Brien to speak about what one privacy professional did with his free time over the pandemic. Most of us may have started a new hobby - so did Jeff Jockisch, founder and CEO of PrivacyPlan. First, he achieved his Certified Information Privacy Professional for US privacy law from the International Association of Privacy Professionals.His studying process took him to books such as Peter Swire’s, and privacy podcasts. But he did not stop there. He created a database of podcasts on privacy and he publishes his database, including weekly favorites for specific episodes, on LinkedIn. Many of us have found this to be insightful and helpful, but we were curious how he started in this and why. So we asked Jeff to come onto the show and discovered there is much more to his analytics than podcasts.Join us as we also discuss data brokers in detail, including how many he has documented (take a guess) and how he gathers his information. We also discuss biometric identifiers, de-identified information, data localization, and consent. Whether you are a privacy professional or someone who wants to learn about how companies manage your information, this is great information to know.As always, if you have comments or feedback, please contact us at seriousprivacy@trustarc.com. If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.

Send us Fan MailIn this episode of Serious Privacy, K Royal is joined by guest co-host Ralph O’Brien, who brings that United Kingdom perspective to data protection. As a well-known and respected privacy professional, Ralph took the opportunity to discuss some of the current hot topics in privacy with K, such as the impact of #Brexit on managing privacy programs in Europe. Join us as we discuss the UK General Data Protection Regulation and how it was adopted and adapted from the EU GDPR and what might change in the approach companies take to appointing a local representative or designating a data protection officer. In addition, they touch on Schrems II, genetic testing, facial recognition, and risk-based privacy controls. It’s a lively discussion where the conversation goes where it may, and Ralph and K learn how much they have in common. And of course, there were references to both Harry Potter and the Avengers in terms of exploring what a new data transfer mechanism between the US and the EU would be called.As always, if you have comments or feedback, please contact us at seriousprivacy@trustarc.com. If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.

Send us Fan MailHappy Data Protection Day! Paul Breitbarth and K Royal kick off Season 2 of the Serious Privacy podcast with a special guest, Helen Dixon, Data Protection Commissioner for Ireland. She is probably one of the best known data protection regulators around the world, with her office having the duty to supervise most major tech companies doing business in Europe. That comes with a lot of public scrutiny, and also with some fierce criticism. In this episode, Commissioner Dixon talks about her plans for 2021, which have been publicly disclosed. But of course, we covered some of the major developments in 2020, such as the Court of Justice of the European Union decision on Schrems II back in July, as well as the first financial penalty for a US tech company. The Irish Data Privacy Commission has not been slacking off in the past year, with over 6,000 complaints, more than 7,000 breach reports, and multiple consultations, including input on COVID tracking apps and issuing guidance on CCTV. Join us as we discuss what the workload under the General Data Protection Regulation has meant for personnel needs in her office, as well as addressing why the Irish DPC handles so many cases on US tech companies. In addition, we talked about the issues in international data transfers, including the appointment of Christopher Hoff in the US to lead the negotiations of a replacement for the invalidated EU-US Privacy Shield. We also touched on data ethics, accountability, and how to build a compliant corporate program. It’s all a work in progress.ResourcesIrish Times on the DPC resource constraintsIrish DPC Twitter Decision  If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.

Send us Fan MailWe look back to January 2020 - with no crystal ball for Serious Privacy with Paul Breitbarth and K Royal.  With 47 episodes and over 25,000 downloads,  Season 1 of Serious Privacy is complete. Thank you to our fans! Season 2 starts Global Privacy Day 2021. Our initial ideas were a little different, but K and Paul found their rhythm and a following. Join us as we look back, play some of our favorite moments, and look ahead to 2021. Our most popular episodes were What Now Right Now? Assessment of the EU Schrems II Decision with Gabriela Zanfir-Fortuna of the Future of Privacy Forum and Sophie in ’t Veld, which we put together the same day; Wildly Successful: An Unexpected Career in Privacy with Emerald de Leeuw; and Privacy on the Front Lines: A View from LA with Lillian Russell. We had phenomenal speakers from around the world (such as Travis LeBlanc, Profs. Dan Solove and Paul Schwartz, Sophie Kwasny, Fabricio da Mota Alves,  Vivienne Artz, Marie Penot, Annelies Moens) and amazing topics (such as Sharenting, a tribute to Ruth Bader Ginsburg, Schrems II guidance, laws from around the world , social justice,  If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.

Send us Fan MailOn 17 November 2020, the Canadian Minister of Information Science and Economic Development, Navdeep Bains, introduced bill C-11, the long-awaited update to the federal Canadian privacy legislation. For many years, this legislative update had been rumoured, and now that it was finally put on the table, we can see some sweeping changes. The Digital Charter Implementation Act, 2020, which includes the Consumer Privacy Protection Act, "would significantly increase protections to Canadians' personal information by giving Canadians more control and greater transparency when companies handle their personal information", the minister said. This week, we will take a look at what the new Canadian law might bring, how it would impact companies doing business in Canada and what novel approaches might be an inspiration for the rest of the privacy community. Our guests are two Canadian powerhouses: former Privacy Commissioner Jennifer Stoddart (now at Fasken), and nNovation counsel Constantine Karbaliotis. Both share their views on the federal and provincial legislative developments in Canada and look ahead at the potential impact of the new legislation.ResourcesBill C-11: An Act to enact the Consumer Privacy Protection Act and the Personal Information and Data Protection Tribunal Act and to make related and consequential amendments to other Acts - linkBig fines included in Canada's newly proposed national privacy bill - link Federal privacy reform in Canada: The Consumer Privacy Protection Act - linkPrivacy watchdog says he will look for amendments to new privacy legislation - linkSocial Media@TrustArc @PodcastPrivacy @HeartofPrivacy @EuroPaulB @ConstantK @FaskenLaw If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.