Who owns our personal data? As technology advances in Web 3.0, traditional software and claims of third parties over what they can do with our personal data are under challenge. Join Chris Were, co-founder and chief architect of the Australian company Verida, to consider how blockchain thinking can allow us to achieve self-sovereign identity. Explore in Episode 132 what this means and how we can take better control of our digital presence. Understand the meaning of self-sovereign identity,...

Oregon, California, and TikTok top the list of data privacy developments of June 2023. Tune in for how Oregon’s new data privacy statute blends the best of California and other state statutes for a comprehensive code and adds a unique twist about who can enforce it. Learn how a California court extended the effective date of a California agency’s regulations drafted to implement the Golden State’s pioneering California Consumer Privacy Act. Consider a whistleblower’s sworn testimony that...

Employers and employees – how much privacy is there in the workplace? Episode 130 explores this question in the United States. What’s an employee’s reasonable expectation of privacy while working? How do federal and state laws limit employer surveillance of employee activity? What limits are there to an employer’s monitoring of employee use of company time and property? Employees use company-provided computers, phones, and other property for a variety of personal purposes, often injecting...

What happens to our personal information after death? What can we or society do about whether any privacy exists for dead people? Episode 129 considers post-death privacy. Data privacy laws are largely for and about the living and give scant attention to the dead. But a few extend to protect data privacy after death, regarding medical information and dignitary interests of decedents and families. It’s not quite a free-for-all. Consider how estate plans generally ignore a person’s digital data...

Our personal medical information is sensitive. It becomes digital data shared beyond the medical professional who requests and needs it to provide care. Learn how our medical information is shared and used in ways that create privacy risks many of us do not wish to assume, how tech companies profit from its use, how federal and state law provide rules about medical privacy, and what companies and individuals can do about the subject. Our guest Jay Barnes is an attorney with the firm of...

Get the latest on data privacy news from May 2023. Meta is fined about $1.3 billion for transferring European personal data to the States. But what’s underneath this record fine? What does it mean for how personal data rules are enforced in the EU? Are EU standard contractual clauses no longer a safe harbor for trans-Atlantic business? Washington adopts a data privacy law for health data. Will this be copied by other states as part of the ebb and flow since Roe v. Wade’s overturning? Texas...

Bail decisions are critical in the lives of arrested persons. They come without judgment of guilt or innocence but can mean the deprivation of freedom for individuals as they await trial. But they can also have crushing unintended consequences for persons who become the victims of persons released without bail or on insufficient bail. Episode 126 takes no position on the headline debates about bail reform. Instead, Ken W. Good takes us on a tour of the privacy issues involved with bail. A...

Identity orchestration. Explore its meaning. Discover in Episode 125 how identity orchestration can protect data privacy and data security. Founder and CEO of Strata Identity [https://www.strata.io/], Eric Olden explores with us the change under way from passwords and multi-factor authentication to a radically different approach to safeguarding and verifying identities in a world of distributed data. Learn what a blue checkmark will mean within LinkedIn as one example. Consider how a system...

The modern automobile – a marvel of technology and transportation. It collects enormous amounts of data about us. This information is used for continuous improvement in design and safety and for our convenience. But it also creates risks to personal privacy. Episode 124 provides a tour of what automakers, suppliers, and users can do to create fair controls over how the automobile monitors, records, and shares personal information. Standard setting includes the Alliance for Automotive...

What do Indiana, Tennessee, and Montana have in common? They adopted comprehensive data privacy laws in April 2023. Explore the similarities and differences and a unique Tennessee provision about national standards. Is a pattern emerging for how the U.S. regulates personal data? Consider the privacy implications of Artificial Intelligence. Global leaders are racing to understand and decide how to regulate AI. G7 leadership met in Japan on April 29 to consider a joint approach to the dark...

How can an organization comply with a wide diversity of privacy laws being adopted and changed across the globe? How does an organization create a compliant and privacy-responsible policy to assure its customers that their privacy will be protected? Join Rachael Ormiston, Head of Privacy at Osano, as we explore these questions. Osano offers a “No Fines, No Penalties Pledge” to its customers. The World's Most Trusted Data Privacy Software Platform | Osano (https://www.osano.com/). Consider how...

Join Duane Laflotte and Patrick Hynds of Pulsar Security as the Data Privacy Detective asks these essential questions about cyber-crime and data privacy: How hard is it to break into a website or organization’s IT system? What are top tips for mid-sized organizations to defeat data attacks? What’s the future for people seeking a cybersecurity career? Pulsar Security offers institutions cyber-protection through software and services to prevent data leaks and losses at reasonable cost....

Artificial Intelligence and data privacy. Explore their relationship in this episode. It’s a subject little addressed by law or regulators and largely invisible to the public. AI depends on amassing a huge amount of personal information, collected and processed largely without consent or awareness of individuals whose personal information is being used. Once collected by AI businesses, personal data can leak to bad actors. And the services that are AI-driven can result in misapplications and...

What do ChatGPT, Iowa, TikTok, and Spyware have in common? They all made data privacy news in March 2023. Italy’s Data Protection Authority blocked ChatGPT internet use on privacy grounds, the first western government to do so. Iowa became the sixth U.S. state to adopt a comprehensive personal data protection code. President Biden issued an Executive Order against federal use of social media containing spyware, without expressly naming TikTok or China as the targets. Join the Data Privacy...

Prominent South African data privacy attorney Ahmore Burger-Smidt described 2022 as a year of “bloodbath” for personal data privacy in a recent report from her firm Werksmans. The firm manages the Lex Africa Legal Alliance, with members in over twenty-five African countries. Cybercrime is extensive and growing in Africa, similar to trends evident in the rest of the world. Cybercriminals employ increasingly sophisticated phishing attacks and business email compromise schemes and have expanded...

The European Union’s GDPR (General Data Protection Regulation) became effective in May 2018. It declared a thorough and far-reaching set of rules for data privacy and became the global leader in how personal data privacy can be regulated and enhanced. What have almost five years shown? Is it successful? Entrenched? A model others follow? And how does it work in practice in 2023? Episode 117 considers how GDPR has become an embedded fabric for how personal information flows – or fails to flow...

Government regulation is moving towards giving consumers the right to stop companies from selling or share their personal information. How easy do companies make it for consumers to make this request—and then have it mean something? This episode contrasts two companies that take very different approaches to the question. One company makes its money through advertising, and to do that it needs to collect and share personal information of those who use its browser and other offerings. Another...

Many of us wonder how the internet knows so much about us. We are barraged with tailored ads as we use the internet. How does this happen? How does this affect the compliance risks of businesses and the data privacy of us all? Dan Frechtling, CEO of Boltive, explores the digital advertising ecosystem in Episode 115. Explore the sub-terrain of the internet, how it creates advertising revenue that is the business model of many tech firms, how unwanted ads and mal-advertising encroach, how it...

The Data Privacy Detective welcomes Frost Brown Todd attorneys Mike Nitardy and Yugo Nagashima to cover three important developments in the world of data privacy: -Updates to the California Privacy Rights Act (“CPRA”) – highlights of final regulations just issued -FTC settlement with GoodRX - the first enforcement of the Health Breach Notification Rule – its meaning for the healthcare industry and us -European Commission’s proposed “Data Act,” which could radically change the rules of data...

Business Email Compromise – it’s a major way that global thieves steal trillions of dollars. Bill Repasky, an attorney at Frost Brown Todd LLP, with years of experience in electronic payments and cyber-fraud defense, explains how attacks of this type occur, why they are growing, what can be done to prevent them, and what a business can do if attacked this way. Common types of Business Email Compromise attacks are what appear to be incoming customer payments, outgoing payments to suppliers of...

In this bonus episode, we bring you the Data Privacy Detective's guest appearance on the Privacy Week podcast's "The Privacy Panel Discussion" special.

Canada and the United States are each other’s major commercial partner. Many U.S. companies have Canadian customers and collect and process personal information about Canadians. They must therefore understand Canada’s and its provinces’ regulation of personal data privacy. The Canadian regulation of data privacy is very complex, with a maze of the federal Personal Information Protection and Electronic Documents Act (PIPEDA) and provincial laws and regulations. In this conversation with...

“If it’s free, then you are the product.” We carry in our pockets devices that have powerful mechanisms for collecting our information–where we go, what we buy, and even how fast we move. Every time we scroll through social media on our phones, we are submitting extremely precise data about what we might be interested in… even down to how many seconds we slow down to look at an individual post. By using these products and services, we are in effect consenting to this data collection, which...

Tech giants like Google, Apple, and Facebook incur huge Euro fines from European Union data privacy authorities. This is a “stick” approach, perhaps more like a “club,” of forcing EU rules upon global companies, aiming to force tech giants to change data privacy policies and practices to GDPR’s strict demands. Enter the Netherlands - with a different way of achieving changes in privacy practices through a joint approach. A January 23, 2023 New York Times article by Natasha Singer highlighted...

The Data Privacy Detective Joe Dehner will be appearing as part of the LinkedIn Live event, "Privacy Week Podcast Palooza." Tune in on Thursday, January 26 from 3:00 to 4:00 p.m. EST: https://www.linkedin.com/video/event/urn:li:ugcPost:7021476486180212738/