Serious Privacy

Send us a text

In this episode of Serious Privacy, K Royal and Paul Breitbarth provide an update on recent happenings in both Europe and the US, some of which are surprising and the other makes no waves across the ocean.

First, an unexpected agreement on the ePrivacy Regulation by the EU Members States. This does not mean that the regulation is passed - on the contrary, the Parliament and the European Commission are nearly at polar opposites. They will now enter what is called the “trialogue” where the various parties have to reach an agreement. The ePrivacy Regulation has been in discussion for years with the original intent to enter into effect alongside the EU General Data Protection Regulation (GDPR), but alas, such did not happen.

Meanwhile, there is not a draft adequacy decision for the United Kingdom - there are two. In a never-before-seen event, the EU Commission issued two draft decisions - one for the GDPR and one for the law enforcement directive. The European Data Protection Board will now issue an opinion, which is not binding. However, the interim agreement for trade between the EU and UK will expire June 30, 2021 and cannot be extended. So a decision must be made.

On the other side of the ocean, the US is seeing some movement in the Health Insurance Portability and Accountability Act (HIPAA), which does not happen often. Current proposed revisions include proposed enhancements to patient rights, but two other recent happenings include 1) a law passed (HR7898) to provide a cybersecurity safe harbor if a practice has implemented cybersecurity practices and 2) a recent safe harbor for cybersecurity tech donations. Further, they briefly reviewed enforcement waivers due to COVID 19 that have been issued by the Department of Health and Human Services.

As

If you have comments or questions, find us on LinkedIn and IG @seriousprivacy @podcastprivacy @euroPaulB @heartofprivacy and on Blue Sky under the same - Serious Privacy, EuroPaulB, and HeartofPrivacy - and email [email protected]. Rate and Review us!
Proudly sponsored by TrustArc. Learn more about NymityAI at https://trustarc.com/nymityai-beta/
#heartofprivacy #europaulb #seriousprivacy #privacy #dataprotection #cybersecuritylaw #CPO #DPO #CISO

Send us a text

In this episode of Serious Privacy, K Royal and Paul Breitbarth connect with Steven (Seven) Waterhouse, PhD, CEO and founder of Orchid, a crypto powered VPN. Given his expertise and how it is harnessed for Orchid, we felt Seven would have quite a bit of technical insight into technologies commonly discussed in conjunction with data protection. He did not disappoint.

In this episode, Seven provides insight into the technical side of privacy and the foundations that underpin most concerns - the internet. But in addition, we discuss virtual private networks for consumers and enterprise - from the perspective of blockchain and crypto. The explanations are easy to digest for those who are not technical minded, but the conversation rises to the level that a technologist can appreciate the discussion. It is well-balanced.

Join us as we discuss in app purchases, a bill in Arizona on in-app purchases, ISP, and encryption. There is an “Easter egg” in there referencing back to one (or several) of our prior episodes. We also discuss reporters and safety in third world countries related to their communications, the matrix, bunnies, and privacy-focused technology. In addition, Orchid is offering a summit March 23-24 that is free (plus, TrustArc is doing a summit this week, also free).

As always, if you have comments or feedback, please contact us at [email protected].

If you have comments or questions, find us on LinkedIn and IG @seriousprivacy @podcastprivacy @euroPaulB @heartofprivacy and on Blue Sky under the same - Serious Privacy, EuroPaulB, and HeartofPrivacy - and email [email protected]. Rate and Review us!
Proudly sponsored by TrustArc. Learn more about NymityAI at https://trustarc.com/nymityai-beta/
#heartofprivacy #europaulb #seriousprivacy #privacy #dataprotection #cybersecuritylaw #CPO #DPO #CISO

Send us a text

Happy Data Protection Day! Paul Breitbarth and K Royal kick off Season 2 of the Serious Privacy podcast with a special guest, Helen Dixon, Data Protection Commissioner for Ireland. She is probably one of the best known data protection regulators around the world, with her office having the duty to supervise most major tech companies doing business in Europe. That comes with a lot of public scrutiny, and also with some fierce criticism.

In this episode, Commissioner Dixon talks about her plans for 2021, which have been publicly disclosed. But of course, we covered some of the major developments in 2020, such as the Court of Justice of the European Union decision on Schrems II back in July, as well as the first financial penalty for a US tech company. The Irish Data Privacy Commission has not been slacking off in the past year, with over 6,000 complaints, more than 7,000 breach reports, and multiple consultations, including input on COVID tracking apps and issuing guidance on CCTV.

Join us as we discuss what the workload under the General Data Protection Regulation has meant for personnel needs in her office, as well as addressing why the Irish DPC handles so many cases on US tech companies. In addition, we talked about the issues in international data transfers, including the appointment of Christopher Hoff in the US to lead the negotiations of a replacement for the invalidated EU-US Privacy Shield. We also touched on data ethics, accountability, and how to build a compliant corporate program. It’s all a work in progress.
Resources

• Irish Times on the DPC resource constraints
• Irish DPC Twitter Decision

If you have comments or questions, find us on LinkedIn and IG @seriousprivacy @podcastprivacy @euroPaulB @heartofprivacy and on Blue Sky under the same - Serious Privacy, EuroPaulB, and HeartofPrivacy - and email [email protected]. Rate and Review us!
Proudly sponsored by TrustArc. Learn more about NymityAI at https://trustarc.com/nymityai-beta/
#heartofprivacy #europaulb #seriousprivacy #privacy #dataprotection #cybersecuritylaw #CPO #DPO #CISO

Send us a text

On this week of Serious Privacy, Paul Breitbarth of Catawiki and Dr. K Royal along with esteemed co-host and colleague Ralph O’Brien bring you the opening day of the #GPA (Global Privacy Assembly) in #Jersey. We set up a table in the common room and snagged passing celebrities to join us for some open conversation, such as Paul Vane Information Commissioner at Jersey Office of the Information Commissioner, and forever favorite Ron de Jesus. We discussed some of the challenges of travel, some fascinating sessions, such as Paul’s with four teen girls on their social media presence and concerns about their privacy. So join us for opening day!

Tune in for some #livinglearninglaughing.

If you have comments or questions, find us on LinkedIn and IG @seriousprivacy @podcastprivacy @euroPaulB @heartofprivacy and on Blue Sky under the same - Serious Privacy, EuroPaulB, and HeartofPrivacy - and email [email protected]. Rate and Review us!
Proudly sponsored by TrustArc. Learn more about NymityAI at https://trustarc.com/nymityai-beta/
#heartofprivacy #europaulb #seriousprivacy #privacy #dataprotection #cybersecuritylaw #CPO #DPO #CISO

Demonstrating compliance is certainly not always easy, but under many laws, including the GDPR, it is a mandatory requirement. To facilitate the process, codes of conduct and certification schemes are becoming more popular, and it is no wonder they have been included in the GDPR as well. As we are on the verge of seeing the first codes of conduct to demonstrate GDPR compliance approved, Paul Breitbarth and K Royal discuss the EU Cloud Code of Conduct, which TrustArc is proud to support.

Join us and learn more about what the EU Cloud Code of Conduct entails, how it is supposed to work and what the benefits are of adhering to such a code. Oh, and don't be surprised for a little April Fools and Easter conversation this week too - the recording was made on 1 April... 

As always, if you have comments or questions, please contact us at [email protected]. 

Resources

• A downloadable version of the EU Cloud Code of Conduct
• Details on the future Third Country Module, intended for international data transfers
• Webinar with Paul on the Third Country Module