Send us a textDebbie Reynolds, “The Data Diva” talks to Kar Wong, Founder and Chief Consulting Officer at Young Technology Consulting (Singapore). We discuss privacy laws in Asia, including the history of data protection laws in Singapore, Malaysia, and the Philippines. We also compared data protection laws in Asia to those in Europe and the US, noting that while there are some differences, there are more similarities than differences. We also discuss the differences in consent prioritization between Asian countries and Europe, with consent often a higher priority in Asian countries. We also touch on the complexities of data localization and its impact on sensitive data and international trade.We also discuss the challenges of enforcing data privacy laws and the penalties for sending data without government approval, particularly in China. We expressed concern about the impact of strained relationships between countries on cross-border trade involving data transfer. We also delve into AI governance and its impact on privacy risks, highlighting the need for privacy professionals to reassess their data and processes to avoid regulatory issues. We also discuss the future of privacy and technology, emphasizing the importance of privacy and how technology can help protect it.Overall, the episode highlights the challenges and nuances of privacy laws in Asia, including differences in consent prioritization and data localization. We also discuss the challenges of enforcing data privacy laws and the impact of AI governance on privacy risks. The conversation emphasized the need for continued innovation in privacy and technology to protect privacy in the future.  Support the show

Send us a textDebbie Reynolds, “The Data Diva” talks to Nandita Rao Narla, Head of Technical Privacy & Governance, DoorDash. Nandita shares her journey from cybersecurity to privacy engineering, providing valuable insights into the challenges and opportunities in the field. The conversation covers a range of topics, including the difference between cybersecurity and privacy, the importance of data governance, and the complexities of data deletion and AI in relation to privacy.Debbie and Nandita discuss the challenges companies face with data retention and deletion. We explain that privacy regulations have brought in requirements around data retention, which has become a risk for companies that are accustomed to keeping everything. We also mention the lack of data governance programs and the high cost of implementing end-of-life data controls. Debbie and Nandita agree that this is a difficult and expensive problem for most companies and that privacy teams are being asked to do more with less, and Nandita shares her hope for Data Privacy in the future.Support the show

Send us a textDebbie Reynolds, "The Data Diva" talks to Kurt Roosen, Head of Innovation, Isle of Man, Government Digital Agency. We discuss various topics related to technology, privacy, and ethics. We cover Kurt's career trajectory, his work with the Isle of Man Government Digital Agency, and the challenges of balancing government regulation and innovation while protecting citizens and the environment. We also explore the implications of AI on society, emphasizing the importance of understanding the risks and opportunities of AI and the need for education and critical thinking to avoid over-reliance on technology.The discussion also touches on online vulnerability and how companies have taken their bad habits from the analog world and moved them into the digital and cloud. We discuss the concept of security through obscurity and how it has impacted companies and share examples of companies that hackers have outmaneuvered despite their strong defenses. We also discuss the challenges of balancing responsible and irresponsible use of AI, citing examples of bias and unintended consequences in Amazon's hiring and X-ray analysis.Throughout the episode, Kurt and Debbie emphasize the importance of transparency, accountability, and privacy in creating a more just and equitable society. We discuss the potential risks of using data to make inferences about people's beliefs and identities and the need for relevant and ethical protections under GDPR. We also highlight the role of human rights lawyers in defending individuals' rights. Ultimately, the episode provides a thought-provoking discussion about the complex issues of privacy, ethics, and technology and his hope for Data Privacy in the future.Support the show

Send us a textDebbie Reynolds, “The Data Diva” talks to Emma Butler, Creative Privacy (United Kingdom). We discuss a range of topics related to Data Privacy in an upcoming podcast. Emma shares her unique perspective on issues such as regulation, risk appetite, and the challenges small businesses face. We also discuss the importance of plain English and a people-centered approach to data protection, as well as the challenges of working in the field and the different roles of lawyers and non-lawyers. The role of a DPO in advising organizations is also discussed, emphasizing the importance of communicating what the law requires and working with the organization to achieve the right outcome. Emma stresses the importance of understanding the separation between the company and the data protection officer and that the decision and consequences of taking risks and noncompliance fall on the company. We also discuss professionalism in the privacy community on LinkedIn and the growing polarization in society. We also discuss the importance of maturity level and compliance within organizations, emphasizing the need for a realistic and sustainable approach that matches the organization's risk appetite and priorities. We highlight the importance of regulators and lawmakers adopting a people-centered approach to data protection and developing legislation that works for their context and culture. Overall, the conversation emphasizes the importance of a people-centered approach to data protection, the need for critical thinking and reasoned debate in the industry, and Emma’s wish for Data Privacy in the future.Support the show

Send us a textDebbie Reynolds, “The Data Diva” talks to Pamela Isom, Chief Executive Officer and Founder, IsAdvice & Consulting LLC, Former Executive Director the Artificial Intelligence and Technology Office, U.S. Department of Energy (DOE). We discuss Pamela’s extensive experience in various fields, including AI and cybersecurity. We discuss the evolution of AI from expert systems to Generative AI, with Pamela highlighting the need for accountability, bias mitigation, and ethical governance. We also discuss the limitations of AI and the importance of using it as a helper, not a replacement for humans. Pamela shared her experience of being kicked out of a group call because someone thought she was an AI, highlighting the lack of human judgment in relying solely on AI tools.The conversation then shifted to the risks and challenges associated with AI, including privacy concerns and the potential for AI to make judgments about people. Pamela drew attention to the alarming case of a 14-year-old girl whose photos were used in deepfakes, highlighting the serious risks posed by this technology. We also discuss the challenges of determining the authenticity of AI-generated content and the need for watermarking and content authenticity initiatives. Debbie Reynolds and Pamela Isom delved into the importance of data lineage and provenance in AI decision-making, emphasizing the need to know the origin and journey of data.We conclude the discussion on the importance of ethics in AI and the challenges of implementing them in government. We highlight the importance of networking and building relationships in the field of AI and technology. Pamela also expressed concern about children receiving scam calls that sound like their loved ones and emphasized the need to educate children about cybersecurity and privacy and her hope for Data Privacy in the future.Support the show

Send us a textDebbie Reynolds, “The Data Diva” talks to Vikram Koppikar, Senior Manager, Privacy - South Asia and Metropolitan Asia,  Kenvue  - Formally Johnson Consumer Health (Mumbai). We discuss challenges faced by multinational corporations in terms of privacy laws and the differences between GDPR and APAC laws. Vikram expresses concern about the contradiction between the express consent and legitimate use provisions in the recent Indian Data Protection Act and suggests that the provision needs to be clarified or made more similar to the legitimate interest concept in GDPR to address these concerns. We discuss fines and penalties for companies that violate privacy regulations, the rights of Indian citizens to sue, and the importance of privacy as a fundamental right.The conversation touches on data localization requirements, limited data transfer mechanisms, and criminal penalties for data protection infractions in Asia, with a suggestion that monetary penalties on corporates may be more effective than criminal punishment. Debbie and Vikram stress the importance of ethical and legal processing and utilization of personal information for both individual and corporate benefit. They agree that companies must understand that data belongs to people and that privacy is a fundamental right.Vikram shares his hope for a society that realizes the power of personal information and the benefits it can bring to citizens, and Debbie highlights the importance of empowering people to understand their rights. They also discuss the impact of data protection regulations on companies, emphasizing the need for a roadmap to know what is expected of them when doing business in different regions.Support the show

Send us a textDebbie Reynolds, “The Data Diva” talks to Karen Habercoss, Chief Privacy Officer, University of Chicago. We discuss the challenges of operationalizing privacy and security concepts within organizations and the need for strategic partnerships. Karen shares her unique trajectory in privacy and healthcare compliance, emphasizing the importance of having a diverse skill set and being able to interpret laws and regulations in a relevant way for stakeholders. We discuss the limitations of HIPAA and the need for a more comprehensive approach to privacy risk in healthcare.The conversation also delved into the complexities of electronic interoperability and marketing in healthcare. They discussed the potential benefits of interoperability, such as improved patient experiences and more seamless connections between healthcare providers, but also acknowledged the risks involved, including the need for transparency and the potential for data breaches. We also explore the challenges of marketing in the healthcare space, particularly in regard to protecting sensitive information and being transparent with patients.We discuss the importance of transparency and privacy in-app permissions, the need for transparency and patient permission when using identifiable data for research purposes, and the importance of privacy and security working together to mitigate risks for the organization. We also explored the risks and opportunities of AI in healthcare privacy, emphasizing the need for education around the risks and opportunities of AI and the importance of assessing its impact on privacy. Finally, Karen shared her wish for increased transparency in healthcare, believing that transparency is important in helping people make informed decisions for themselves and reducing paternalism in the industry.Support the show

Send us a textDebbie Reynolds, “The Data Diva” talks to Justin Daniels, Corporate Mergers & Acquisitions Counsel and Cybersecurity Expert, Baker Donelson LLP. We discuss the importance of privacy and security awareness in the context of increasing digitization and regulation. Justin explained the new cybersecurity regulation passed by the SEC that requires publicly traded companies to report material data breaches to the SEC within four days and talk about how they manage security risk in their annual reports.We discuss the challenges companies face in cybersecurity, including the lack of awareness among C Suite executives and the credibility gap between what leaders say in public and allocating resources towards privacy and security. We emphasize the need for education and building general awareness to prevent human error in cyber breaches. We also discussed the double-edged sword of emerging technologies and the need for education and awareness to mitigate cybersecurity risks.The conversation also touches on the importance of balancing public safety with privacy and cybersecurity concerns, particularly in using digital cameras and facial recognition technology in public spaces and schools. We explore the limitations of current remedies for privacy violations and suggest that more severe consequences, such as criminal penalties, may be necessary to incentivize companies to prioritize privacy and security. Overall, the conversation highlights the importance of proactive measures to address cybersecurity threats rather than accepting the status quo of frequent hacks and breaches and his hope for Data Privacy in the future.Support the show

Send us a textDebbie Reynolds, “The Data Diva” talks to Vivek Kumar, Assistant Vice President, Data Protection, EXL Service Holdings, Inc. We discuss various topics related to data privacy and protection. Vivek emphasizes the importance of catering to a broad audience and explaining acronyms. The conversation highlights the challenges faced by both large and small companies in ensuring compliance and building effective risk assessment frameworks. We discuss the importance of accountability and transparency in AI development, the need for regulations to ensure fairness and transparency in AI, and the importance of privacy by design. We also discuss the growing importance of consent management in data protection, the challenges of managing consent life cycles, and the need for communication and awareness across departments to avoid missed touchpoints and ensure compliance with data protection regulations. We also discuss the challenges of implementing privacy compliance within organizations and the need for privacy-enhancing technology to address these challenges. Finally, we discuss the importance of privacy in data governance and the challenges of implementing effective privacy programs, emphasizing the need for a pragmatic and balanced approach to privacy in the face of evolving technologies and regulations and his hope for Data Privacy in the future.Support the show

Send us a textDebbie Reynolds, “The Data Diva” talks to Kimberly Gold, Chief Privacy Officer, Senior Associate General Counsel, and Executive Director, Privacy Law,  Genentech (BioTech). We discuss her unique journey into the world of privacy. Starting as a corporate attorney, she gradually developed a keen interest in the intersection of healthcare and technology. The discussion revolves around the intricate realm of privacy within the biotech industry, governed by a complex web of regulations, including HIPAA, state privacy laws, clinical trial regulations, and consumer protection laws. Kimberly underscores the significant impact of artificial intelligence (AI) on healthcare privacy and stresses the importance of its responsible and ethical use.Throughout the episode, Kimberly dispels misconceptions surrounding HIPAA, emphasizing that it is not a comprehensive privacy law and covers only a limited scope of healthcare-related information. State privacy laws, she notes, play a crucial role in filling the gaps left by HIPAA, with a focus on protecting health data not covered by federal law. Kimberly also highlights specific state initiatives, such as the My Health, My Data Act in Washington state, designed to safeguard health privacy, particularly in reproductive healthcare.The conversation resonates with notable quotes from Kimberly, including her belief in the abundant opportunities for those interested in privacy and technology-related work. She also advocates for a federal privacy law in the United States as a forward-looking step in safeguarding privacy rights. In conclusion, this podcast episode offers valuable insights into the evolving landscape of privacy in biotech, the challenges posed by AI, and the importance of responsible data practices to protect patient privacy and her wish for Data Privacy in the future.Support the show