The Privacy Advisor Podcast

The EU General Data Protection Regulation ushered in an enhanced private right of action for violations of the law, both for material and non-material damages. Attorneys say there's now a significant uptick in cases brought alleging such a grievance has occurred, and that they're often brought as a "follow-on" to data protection authorities' own investigations. In this episode of The Privacy Advisor Podcast, Orrick attorneys Keily Blair and James Lloyd, both based in the U.K., describe the uptick in civil litigation claims they're seeing and the ways that's changing things — including how companies interact with data protection authorities. 

It's a troubling and weird time to be alive. The headline are dominated by reports of mass death and despair globally, and we're all trapped at home trying to cope with a very new and very difficult reality. In a time like this, it can feel hard to find meaning in the day-to-day work of being a privacy professional. In this fireside-chat style podcast, IAPP Editor Angelique Carson, CIPP/US, talks with three DC-based privacy professionals -- who happen to also be three of her best friends -- about how they're coping and staying focused on their individual missions. 

Telecommunications companies across the world, including in Germany, Brazil and China have granted their governments access to customers' cellphone data in an effort to help track the COVID-19. Other countries are more cautious; the Dutch DPA called for emergency legislation before sharing occurs, and Canadian Prime Minister Justin Trudeau has said a flat no, for now. In this episode of The Privacy Advisor Podcast, Heather Federman, vice president of privacy and policy at BigID, discusses the potential longterm implications of location data agreements and the role privacy officers should play in board room discussions on sharing customer data. 

It's a scary time by any standard. There's news every day about the latest number of those infected by an invisible danger that'll make some sick and kill others and to stay safe we have to stay away from each other in a time when we most need each other for support. And when we're scared, sometimes we make decisions based on fear. In this episode of The Privacy Advisor Podcast, Michelle De Mooy of DeMOOY Consulting and former director of privacy and data at the Center for Democracy and Technology, talks about the data privacy concerns related to private-public entities partnering up to address the health crises COVID-19 has presented. 

If there's anyone we could call an expert on data protection in the EU, it's Christian D'Cunha. Years back, he was charged with leading the review of the EU Data Retention Directive — no easy task — before he moved to a role at the European Data Protection Supervisor's office as a policy assistant under former EDPS Peter Hustinx and then, his successor, the late Giovanni Buttarelli. Now, D'Cunha has taken a role at the European Commission at DG Connect, a segment of the Cybersecurity and Digital Privacy Unit. In this episode of The Privacy Advisor Podcast, D'Cunha discusses what he learned about the art of negotiation during his leadership role on the Directive, the future of ethics in the privacy profession and whether we're ever going to see that ePrivacy Regulation come to fruition.

February 19, the European Commission released its EU data strategy. As the IAPP's Riyan Chiavetta reported, the document outlines the commission’s five-year plan for “policy measures and investments to enable the data economy.” The commission based its strategy on four pillars, one of which is a cross-sectoral governance framework for data access and use. In conjunction with the release data strategy, the commission also published a white paper on AI. In this episode of The Privacy Advisor Podcast, the Future of Privacy Forum's Gabriela Zanfir-Fortuna, who's expertise on moves by the European government is exceptionally informed, discusses the new releases and whether they'll have a meaningful impact or if they're lofty, abstract goals.

In January, the U.K. Information Commissioner's Office released its proposed "Age Appropriate Design Code" aimed at protecting children's privacy online. The code, which will require parliamentary approval, outlines 15 standards online services should follow. It also provides guidance on data protection safeguards aimed at ensuring online services are appropriate for children's use. In this episode of The Privacy Advisor Podcast, Playwell's Linnette Attai talks to host, Angelique Carson, CIPP/US, about what the code means for companies who cater to children, and even more importantly, those who traditionally haven't but may be covered under the new rules. 

It would've been hard to miss the big news this week, news privacy advocates are heralding as a major win: Facebook has agreed to settle for $550 million in a class-action lawsuit alleging the company violated Illinois' biometric privacy law when it used facial recognition software to suggest users "tag" faces in photos they'd uploaded to the site. In this episode of the podcast, Jay Edelson, one of the plaintiff's attorneys who argued the case, talks about why he's "enormously proud" of what is " easily the largest cash privacy settlement in our nation's history" and why this is a good settlement for members of the class. 

Jan. 15, Washington State Legislature's Senate Environment, Energy & Technology Committee held its first public hearing on a reintroduced version of the Washington Privacy Act. Those who've been following developments on the state's privacy legislation will recall that last year, despite gaining some significant momentum, the bill failed. The new version of the bill has gained praise from many privacy advocates, and lawmakers in Washington have said the bill has significant bi-partisan support. But Jevan Hutson and Jennifer Lee, who both testified at Wednesday's hearing, have concerns that the bill fails to protect consumers in a number of ways. In this episode of the podcast, Hutson and Lee discuss what happened at the hearing and why they're not convinced this bill represents comprehensive privacy reform. Full Story

Anyone who's been in the privacy game for a minute will likely tell you 2019 was one of the most exciting — and stressful — years on the books. Regulatory and enforcement action, the mad dash to comply with the California Consumer Privacy Act and continuing efforts to operationalize GDPR-compliant programs were just a fraction of the news privacy professionals had to track this year in order to do their jobs well. The good news? That made for plenty of fodder for The Privacy Advisor Podcast. In this last episode of the 2019 season, five of the year's best-rated guests, according to you, talk about the pitfalls of 2019 and — more importantly — the essential developments they're tracking as 2020 approaches.