The Privacy Advisor Podcast

Artificial intelligence and machine learning technologies are rapidly developing across virtually all sectors of the global economy. One nascent field is empathic technology, which, for better or worse, includes emotion detection. It is estimated that the emotion detection industry could be worth $56 billion by 2024. However, judging a person's emotional state is subjective and raises a host of privacy, fairness, and ethical questions. Ben Bland has worked in the empathic technology space in recent years and now chairs the IEEE's P7014 Working Group to develop a global standard for the ethics of empathic technology. We recently caught up to discuss the pros and cons of the technology and his work with IEEE. 

U.S. government surveillance bubbled back up in headlines in recent weeks. Portugal's data protection authority halted transfers of data to the U.S. after complaints that census data were being sent back to the U.S. The same week, a U.S. Foreign Intelligence Surveillance Court decision was published, in which it renewed a U.S. surveillance program even though it found some Federal Bureau of Investigation employees illegally accessed email data. This comes as the U.S. and EU try to hammer out a renewed data transfer agreement in the wake of the "Schrems II" decision that invalidated Privacy Shield. April Falcon Doss worked at the U.S. National Security Agency for 13 years. In 2017, Doss joined the U.S. Senate Select Committee on Intelligence for the Russia investigation. She also wrote a book, "Cyber Privacy: Who Has Your Data and Why You Should Care," and took a new job at Georgetown University Law Center. Host Jedidiah Bracy recently caught up with Doss to discuss the state of play of U.S. surveillance law, her new book, what she found out while investigating the 2016 presidential election, and what’s on the horizon with her new gig at Georgetown.

The Norwegian Consumer Council made waves in early 2021 after its complaint to Norway's data protection authority, Datatilsynet, against Grindr resulted in an intention to fine the company $12 million, the highest fine ever levied by the nation’s DPA. Grindr responded to the proposed enforcement action, arguing it has refined its consent mechanism, but the case isn't over. The NCC has long worked with other advocacy organizations to bring protections and awareness for consumers around privacy issues in the marketplace. In 2018, they released an in-depth report on “dark patterns” to demonstrate how companies nudge users into making decisions that may not always be in their best interest. IAPP Editorial Director Jedidiah Bracy, CIPP, recently caught up with the NCC’s Finn Myrstad to discuss the NCC's case against Grindr and, more broadly, what companies can do to avoid using dark patterns at the expense of their users.

In the wake of "Schrems II," the future of data transfers is on shaky ground. True, the Biden administration has demonstrated that it’s taking trans-Atlantic data flows seriously after appointing Christopher Hoff in January, not long after Biden was inaugurated. And though both the U.S. Department of Commerce and European Commission are working together in earnest, short of changing its national security laws, what else can be done to prevent another legal challenge and potential invalidation to a future agreement? Baker MacKenzie Global Data Privacy and Security Group Chair Brian Hengesbaugh has an idea. Using his background in international policy and data protection, Hengesbaugh thinks now is the time for the Biden administration to “go big” and initiate an international treaty among democratic nations and their shared values around both human rights and national security. He explains in this latest episode of The Privacy Advisor Podcast. 

Virginia joined rarified air March 2 after its governor signed the Consumer Data Protection Act into law. Though California was the first state to pass baseline privacy legislation, Virginia was the first to do so absent a ballot initiative. So, what is in Virginia’s CDPA? Where does it overlap with provisions in the California Consumer Privacy Act, California Privacy Rights Act or EU General Data Protection Regulation? What are some early steps businesses should consider as they make preparations? And, what effect will the CDPA — if at all — have on other state privacy laws, and ultimately, on potential federal privacy legislation? These are a few of the issues IAPP Editorial Director Jedidiah Bracy, CIPP, discussed with Fox Rothschild Partner Odia Kagan, CIPP/E, CIPP/US, CIPM, FIP.

Concepts like “privacy engineering” and “privacy by design” have been in the privacy lexicon for several years, but do we all know or agree about what they mean? What is a privacy engineer? Sure, when we discuss privacy by design, we’re talking about baking privacy considerations in from the start and not just bolting them on after a product or service has been designed, but what is privacy by design in practice? How do you ensure your tech and legal teams can understand each other, and how can you get senior leadership to buy into privacy as a business advantage instead of an obstacle? These are a couple of issues IAPP Editorial Director Jedidiah Bracy, CIPP, recently discussed with Nishant Bhajaria, head of technical privacy and governance at Uber.

With 2020 finally in the rearview mirror, 2021 looks like it will be filled with potential data privacy legislation in the U.S. Of course, front and center right now resides the Washington Privacy Act, but the Pacific Northwest state isn't the only one in play. So far, legislation has been proposed in Connecticut, Minnesota, New York, Oklahoma and Virginia, among others. This all comes while a new presidential administration takes hold in Washington, D.C., along with a Congress controlled — though by a slim margin — by the Democrats. What should privacy pros make of all this state activity, and what are the prospects for federal privacy legislation? Host Jedidiah Bracy, CIPP, discusses these pressing issues with Husch Blackwell Partner David Strauss. 

It goes without saying 2020 has been a challenging and difficult year. COVID-19 has affected the world in inalterable ways. And though the pandemic is a sea change for how we live, work and educate our children, it did not lessen the impact of privacy and the privacy profession. In fact, privacy has become an even more front-and-center issue for businesses, governments and individuals. From the “Schrems II” decision in the EU to Proposition 24 in California to new and proposed laws in Brazil, Canada, China and India, there was no shortage of developments in the privacy space. To help assess what just happened in 2020 and what’s ahead in 2021, IAPP Editorial Director Jedidiah Bracy, CIPP, spoke with IAPP VP and Chief Knowledge Officer Omer Tene and Research Director Caitlin Fennessy, CIPP.

Artificial intelligence, big data and personalization are driving a new era of products and services, but this paradigm shift brings with it a slate of thorny privacy and data protection issues. Ubiquitous data collection, social networks, personalized ads and biometric systems engender massive societal effects that alter individual self-determination, fracture shared reality and even sway democratic elections. As an associate professor at the University of Oxford's Faculty of Philosophy and the Institute for Ethics in AI, Carissa Véliz has immersed herself in these issues and recently wrote a book, "Privacy Is Power: Why and How You Should Take Back Control of Your Data." In this latest Privacy Advisor Podcast, host Jedidiah Bracy, CIPP, caught up with Véliz to discuss her book and the importance privacy plays in society. 

Hard to believe it, but we’re only days away from a fateful vote in California on what’s called Proposition 24. If approved by the residents of California, Prop 24 will put the California Privacy Rights Act on the books. The law will add an additional layer of privacy protections for California residents and a new privacy compliance regime for businesses. Prop 24 has been hotly debated, especially in recent weeks. And the traditional fault lines between consumer advocacy and industry are not what you might suspect. Behind much of Prop 24, and the CCPA before it, is Alastair Mactaggart. With a background in real estate, Mactaggart has quickly become one of the most influential individuals in the U.S. privacy landscape. I recently had a chance to catch up with Alastair to discuss the ins and outs of Prop 24.