This week’s podcast episode features Steve Britt, Counsel at Parker Poe and privacy expert to discuss the five state privacy laws that went into effect in 2023 and the TEN that have been enacted in 2023, how they vary, what they have in common, and this new “trend” to protect consumer health data (not HIPAA data). Steve also discusses the new requirement for Data Protection Assessments, expanded protections for children’s data, and regulatory risk factors and triggers. He ends with key takeaways and has provided a slide deck for listeners to download and follow along as they listen to the podcast (see adcg.org/podcast for supplemental materials on this episode).

This episode features Peter Halprin, a partner in the New York City office of Pasich LLP in New York, representing commercial policyholders in complex insurance coverage matters, including cyber. We discuss the price increases in coverage and the scrutiny given claims under property and casualty, cyber, and corporate general liability policies, the risks in the application process, new technology risks associated with biometrics and AI, cyberwar exclusions, and possible changes to policy language to help manage claim risks to carriers.

This podcast episode features Mark Rasch, a renowned privacy and cybersecurity attorney, to discuss the SEC’s investigation into the SolarWinds incident and the “Wells notices” it sent to the company’s CISO and CFO. The Wells notices indicate the SEC is conducting a civil investigation of those individuals and they may be facing enforcement actions. The news sent tremors through the CISO community and brought back thoughts of Joe Sullivan’s criminal prosecution — and conviction — for the way he handled a breach while CISO at Uber. The SEC’s action is civil, but it targets certain individuals. We discuss what this means for CISOs, what they can do to protect themselves, and generally how the implementation of cyber governance programs can help protect CISOs by making cyber risk management a responsibility of all officers and directors.

In this episode we discuss privacy rights with Tom Kemp, a Silicon Valley-based author, entrepreneur, investor, and policy advisor who helped get the CPRA adopted and is author of the California Delete Act of 2023. His forthcoming book, Containing Big Tech: How to Protect our Civil Rights, Economy, and Democracy, published by Fast Company Press, focuses on the use of AI with personal data and the concentrated power of large Big Tech companies and how this paradigm impacts our personal privacy and lives. As an angel investor, Tom also discusses the types of privacy and cybersecurity companies that he is attracted to and the need for more technical solutions that can help manage privacy compliance. Here is an additional resource for you to post. Plus his book is available on pre-order at https://www.amazon.com/Containing-Big-Tech-Protect-Democracy/dp/1639080619

This week our guest is Sam DeNormandie, Senior Account Director with Silver Sky Security, a Managed Detection and Response (MDR) firm primarily servicing the small and mid-sized business (SMB) market. Sam is a seasoned cybersecurity expert with experience at Cylance, Blackberry, and Cyvatar and understands the security needs of the small to mid-sized business. This episode discusses the challenges faced by SMBs, in part due to the difficulty they have in hiring the people they need and managing the vulnerabilities they face. The MDR industry is growing at CAGR 18.1% and is expected to be $22B by 2030. What does that growth mean for MSSPs? Join us for this episode and learn how companies are struggling to keep pace with the threat environment and how MDRs are filling a void.

This week our guest is Susan Israel, principal of Susan Israel Law, and one of the most respected privacy professionals in the field. Susan has a pre-law background in broadcast news and publishing and has become one of the foremost experts on privacy compliance in the field of advertising technology. We discuss key aspects of AdTech compliance, such as cookies, location data, and IP addresses, the issues associated with them, and trends in legal frameworks and regulatory approaches. Susan also delves into industry groups playing a large role in AdTech and US and EU government perspectives.

This week’s podcast guest is Chris Jay Hoofnagle, professor of law in residence at the University of California, Berkeley and affiliated faculty with the Simons Institute for the Theory of Computing. We discuss Chris and Simson Garfinkel’s new book, Law and Policy for the Quantum Age, what quantum technologies are, the consequential implications of quantum technologies, actions within the White House and Congress supporting quantum R&D, and geopolitical issues in the race to develop quantum technologies.

This episode features Berit Anderson, COO of Future in Review and Strategic News Service, and Evan Anderson, CEO of INVNT/IP. Both Berit and Evan are geopolitical analysts, tech thought leaders, and media executives. We discuss the issue of whether TikTok will be banned in the U.S. and examine the data that could be collected, how it can be a rich source for open intelligence, and how it could be used for election interference. Strategic News Service coined the term CRINK — China, Russia, Iran, and North Korea, and Berit and Evan discuss the geopolitical aspects of TikTok (including CRINK) and how it could be a threat to national security and cybersecurity.

This week our guest is Heather West, Silicon Valley rock star and Senior Director of Cybersecurity Services at Venable LLP. We explore artificial intelligence (AI) and chatbots, such as ChatGPT, and discuss what these technologies can do, who will be early adopters and beneficiaries of AI, whether articles or answers generated by AI can be trusted, and look at some of the privacy and security risks associated with AI. Heather is policy and tech translator, product consultant, and long-term Internet strategies working at the intersection of emerging technologies, culture, governments, and policy. Prior to joining Venable, Heather had stints at Meta and Mozilla.

Lauren Wallace, Chief Privacy Officer and General Counsel for RadarFirst, a leading tool for cyber incident management joins our host, Jody Wesby, on episode 86 of ADCG on Privacy & Cybersecurity. Building off our last podcast with Violet Sullivan, we discuss how privacy and cybersecurity incidents are converging and the difficulty large companies are having in managing the vast array of data involved in incident response, especially as it relates to U.S. and global privacy and cybersecurity compliance requirements. We also delve into the complexity of notification requirements, involving law enforcement, consumer protection agencies, attorneys general, regulators, and victims and how incident response tools can help manage the notification process and decrease notification. Lauren Wallace is a digital privacy subject matter expert, working at the intersection of technology and data subject rights. A senior privacy and technology counsel, Lauren has significant real-world experience in enterprise technology transactions, data protection, partnerships, and product.