In this episode, I’m joined by Roy Smith, CEO and founder of PrivacyCheq, a privacy tech company that develops privacy-enhancing technologies for mobile and web. We discuss the history of online privacy and data protection laws, current challenges within the ad tech space, and GPC, a newly proposed web standard for signaling privacy preferences.-----------Thank you to our sponsor, Privado, the developer friendly privacy platform-----------A most common myth that Roy sees end-users buying into is that cookie banners are all that a company need  deploy for compliance with modern privacy and data protection laws. Roy breaks down how adtech companies use "the cookie myth" to distort how people perceive what's required for operational compliance. He illustrates the tsunami of global privacy regulations related to adtech and the limitations that exist due to siloed consent data. We dive deeper into the W3C's newly proposed Global Privacy Control (GPC) specification and how GPC lets users signal their desired privacy levels just by browsing the web. Roy unpacks why it was developed and what problems it solves on a legal level. He also highlights his concern that implementing GPC will create a false sense of privacy as GPC signals depart from consumer expectations. Listen to  our conversation on the benefits and drawbacks of GPC.-----------Listen to the episode on Apple Podcasts, Spotify, iHeartRadio, or on your favorite podcast platform.-----------Topics Covered:How the regulatory framework for privacy and tracking has changed over time The global response to surveillance capitalismThe challenges and downfalls of the IAB's Transparency & Consent Framework (TCF)The problem of “consent fragmentation”The W3C’s newly-proposed Global Privacy Control (GPC) specificationWhere Roy sees opportunities for improvementThe nuances between WC3’s "do-not-sell or share interaction" and "do-not-sell or share preference"Roy's point of view regarding web privacy and whether GPC is sufficient for signaling privacy preferences, the benefits to the adtech industry, and potential drawbacks. Resources Mentioned:Check out the GPC educational website and the proposed W3C technical specification Guest Info:Follow Roy on LinkedInFollow Roy on TwitterLearn more on PrivacyCheq's websiteSend us a text Privado.aiPrivacy assurance at the speed of product development. Get instant visibility w/ privacy code scans.Shifting Privacy Left MediaWhere privacy engineers gather, share, & learnBuzzsprout - Launch your podcastDisclaimer: This post contains affiliate links. If you make a purchase, I may receive a commission at no extra cost to you.Copyright © 2022 - 2024 Principled LLC. All rights reserved.

(Episode Transcription)This week, I’m joined by Dave Burnett, VP of Strategy at ZeroBiometrics, to discuss his company’s cutting edge approach to using one’s face to biometrically-authenticate to systems w/o storing personal data, preventing breaches. We’ll discuss current approaches to deploying biometric authentication, unpack surrounding privacy & security challenges, and explore his company’s tech & why it may enable the biometrics industry to leapfrog over current tech hurdles as there’s now a privacy-preserving method to biometric authentication .—------Thank you to our sponsor, Privado, the developer friendly privacy platform.—------Rather than iterate on older technology, ZeroBiometrics approached its biometric authentication tech using a clean-sheet design. As a result, they created tech that captures no personal data, not even a biometric. Thus, it doesn't know what someone looks like and doesn’t save personal data to authenticate. In our conversation, Dave pulls back the curtain this magical-sounding tech and shares compelling examples of how ZeroFace enables privacy-preserving biometric identification, verification, authentication, and account recovery. The expansion of biometrics is unstoppable at this point. Security risks and privacy issues are too significant, and global legislation can't keep up. Dave illustrates why we can't keep working within the old biometric paradigm if we want to protect our identities and personal data and explains how his team works to bridge the gap between technologists and end-users.Listen to the episode on Apple Podcasts, Spotify, iHeartRadio, or on your favorite podcast platform.Topics Covered:Key challenges as we evolve from mobile biometrics to other use cases.Technical & policy differences that affect privacy.How industry leaders like Apple have approached facial & fingerprint biometrics.How ZeroFace authenticates you w/o knowing what you look likeAddressing privacy usability challenges in the crypto space.ZeroBiometrics’s impressive metrics for false acceptance (FAR) & rejection rates (FRR)How using a ZeroFace's QR code can radically change the way we travel, ship goods & authenticate to our devicesGuest Info:Follow David on LinkedInLearn about ZeroBiometricsFollow Send us a text Privado.aiPrivacy assurance at the speed of product development. Get instant visibility w/ privacy code scans.Shifting Privacy Left MediaWhere privacy engineers gather, share, & learnBuzzsprout - Launch your podcastDisclaimer: This post contains affiliate links. If you make a purchase, I may receive a commission at no extra cost to you.Copyright © 2022 - 2024 Principled LLC. All rights reserved.

(Transcription)Welcome to the first episode of Shifting Privacy Left. To kick off the show, I’m joined by Kavya Pearlman, Exec Director of The eXtended Reality Safety Initiative (XRSI) to discuss  current challenges associated with extended reality (XR), the XRSI Privacy & Safety Framework, and the importance of embedding privacy into today’s technology.---------**Thank you to our sponsor, Privado, the developer friendly privacy platform**---------In our conversation, Kavya describes her vision for bridging the gap between government & technologists. While consulting  Facebook back in 2016, she’s witnessed 1st-hand the impacts on society when technology risks are ignored or misunderstood. As XR technology develops, there’s a dire need for human-centered safeguarding and designing for privacy & ethics. We also discuss what it’s been like to create standards while the XR industry is still evolving, and why it’s crucial to influence standards at the foundational code-level. Kavya also shares her advice for builders of immersive products (developers, architects, designers, engineers, etc.) and what she urges regulators to consider when making laws for web3 tech. Listen to the episode on Apple Podcasts, Spotify, iHeartRadio, or on your favorite podcast platform.Topics Covered:The story behind XRSI, its mission & overview of key programs.The differences between the "XR" & "metaverse."XRSI's definitions for new subsets of "personal data" w/in immersive experiences: biometrically-inferred data & psychographically-inferred data.Safety, privacy & ethical implications of XR data collection & use. Kavya explains the importance of the human in the loop.Check out XRSI:XRSI Privacy & Safety Framework - XRSI PSF1Metaverse Safety WeekGuest Info (Kavya Pearlman):Follow on Twitter: @KavyaPearlmanConnect on LinkedIn: Kavya PearlmanEmail Kavya: kavya@xrsi.orgSend us a text Privado.aiPrivacy assurance at the speed of product development. Get instant visibility w/ privacy code scans.Shifting Privacy Left MediaWhere privacy engineers gather, share, & learnBuzzsprout - Launch your podcastDisclaimer: This post contains affiliate links. If you make a purchase, I may receive a commission at no extra cost to you.Copyright © 2022 - 2024 Principled LLC. All rights reserved.