MDM Podcast Episode 32 - A deep dive on European digital privacy law (with Mikołaj Barczentewicz)

My guest in this episode of the Mobile Dev Memo podcast is Mikołaj Barczentewicz, an expert on EU digital privacy law. Mikołaj is a law professor at, and the research director of, the Law and Technology Hub at the University of Surrey in the United Kingdom, and he has research affiliations with the Stanford Law School and the University of Oxford, from which he received his Ph.D.

I learned of Mikołaj after reading a piece he co-wrote titled GDPR Decision Against Meta Highlights that Privacy Regulators Don’t Understand ‘Necessity’. I invited Mikołaj onto the podcast to discuss the recent spate of decisions in the EU related to digital privacy, including:

• The Irish DPC's ruling against Meta over the company's use of the contractual basis for processing user data related to personalized advertising;
• The French CNIL's recent sanctions of Apple and Voodoo Games;

In the episode, Mikołaj and I discuss a wide range of topics:

• Consent as a mechanism for collecting and processing first-party data in the EU;
• The difference between the necessity and legitimate interest bases under GDPR;
• The dynamics between the European Data Protection Board (EDPB) and the data protection agencies within the various EU states;
• The future of trans-Atlantic data flows.