Podcasts about ccpa

For episode 606 of the BlockHash Podcast, host Brandon Zemp is joined by Patrick Moynihan, President and Co-founder of Tracer Labs.Tracer Labs is building the future of digital trust. As the parent company of Trust ID and a founding member of DCID, we create self-sovereign identity (SSI) and consent solutions where control follows the user and not the website.Patrick leads a team bringing privacy-first, quantum-resistant identity to Web3, where user consent and data aren't just protected, but unified across platforms. Tracer Labs has replaced invasive device tracking with patent pending tech that gives individuals one login, full control, and real-world rewards—think GDPR and CCPA compliance, higher business conversions, and verified zero-party data. Their aPaaS integrates seamlessly for instant impact, with paid rollouts underway and brand partnerships like Bass Pro Shops and Expedia already in progress. ⏳ Timestamps: (0:00) Introduction(1:17) Who is Patrick Moynihan?(16:16) How can Trust ID be used?(22:00) How are users incentivized to share data?(28:46) Online data protection for kids(33:47) Quantum resistant identity(41:36) Tracer Labs roadmap 

Christine Russo, host and creator of What Just Happened, sits with Ethan Chernofsky of Placer.ai.Placer.ai was built with privacy at its core. From its 2018 launch, the company avoided collecting personally identifiable information (PII), instead focusing on anonymized, aggregate data. This approach aligned with GDPR and CCPA regulations, allowing Placer to demonstrate that location intelligence can be both privacy-centric and commercially valuable. While this choice meant leaving some revenue opportunities (like hyper-targeted advertising) on the table, it reinforced trust, credibility, and long-term sustainability.Two major misconceptions surfaced in the discussion:Data replaces intuition. Many assumed that advanced analytics would replace industry experience and gut instinct. In reality, Placer frames data as an empowerment tool—complementary to human judgment, not a substitute.Visits equal transactions. A common misunderstanding is that foot traffic should directly correlate to sales. Instead, visits represent multiple forms of value: discovery, intent, pickup, consideration, and brand engagement. This broader view reframes physical stores as multi-purpose platforms for marketing, fulfillment, and consumer connection, not just sales points.The conversation emphasized how retail decision-making is evolving:From outdated tools to scalable intelligence. The industry shifted from handheld “clickers” and gut instinct toward data-driven decision frameworks that still honor human experience but make it actionable and scalable.The pandemic's unexpected boost. Rather than killing physical retail, COVID-19 ultimately strengthened it, highlighting the resilience and adaptability of brick-and-mortar models.Data as a universal language. Placer's insights became a common currency across verticals—real estate, retail, finance, CPG, and advertising—spurring new ways to measure impact, optimize inventory, and harmonize digital with physical.The future of insights in the AI era. With AI simplifying access to information, the differentiator won't just be data but the decisions leaders make. Trust, creativity, and the ability to “zag” when others “zig” will define competitive advantage.

Looking to build a career in data privacy? This InfosecTrain masterclass unpacks everything you need to know about becoming a Certified Data Protection Officer (DPO) in 2025. From mastering GDPR and India's DPDP Act to understanding global frameworks like CCPA, HIPAA, and ISO 27701, this episode gives you a clear roadmap to thrive in one of the most in-demand roles in cybersecurity and compliance.Whether you're in India, Europe, or any global enterprise, you'll gain insights into DPO responsibilities, essential skills, and strategies to elevate your career.

Nonprofits lean on outside platforms to save time and stretch budgets—but those relationships can quietly expose sensitive donor, client, and payment data. In this episode, Senior Cybersecurity Advisor Parker Brissette of Richey May explains how to recognize and manage third-party software risk before it becomes tomorrow's headline. He starts with a simple lens: follow the data. Where is it stored? Who can touch it—directly or indirectly? Many teams only think about contracted vendors, but Parker widens the aperture to “shadow IT” and consumer tools staff use without formal approval. As he puts it, “Third parties is really anybody that can touch the data at any point in your business, whether you have an agreement with them or maybe not.”From privacy regulations (GDPR, CCPA) to sector-specific rules (HIPAA, PCI), nonprofits carry legal and reputational exposure the moment personal information enters their systems. Parker offers practical steps: inventory paid tools via your accounting system; ask, “If this vendor vanished tomorrow, what would break?”; and press vendors for proof—SOC 2 reports, ISO 27001, or completed security questionnaires. For organizations without a CIO, he recommends clear contracts and one non-negotiable safeguard: “The biggest thing that I recommend in any third-party engagement is setting an expectation of having cyber insurance, because that's a big protection for you financially.”AI enters the picture with both promise and peril. Consumer AI tools can learn from and retain your uploads, potentially exposing proprietary or personal information. Enterprise agreements (e.g., Microsoft Copilot) can offer stronger data protections, but only if configured and used correctly. Parker's guidance is pragmatic: don't ban AI; set guardrails, choose vetted tools, and train teams.Finally, he urges preparation and transparency. Incidents can happen—even with good controls. Donors and corporate funders expect frank communication about what protections exist and what happens if data is exposed. Build trust now by documenting safeguards, validating vendors, and rehearsing your response.You don't have to be a security expert to make smart choices—but you do need a map: know your systems, test your assumptions, ask vendors for evidence, and write risk into your contracts and budgets. That approach turns anxiety into action—and preserves the trust your mission depends on.Find us Live daily on YouTube!Find us Live daily on LinkedIn!Find us Live daily on X: @Nonprofit_ShowOur national co-hosts and amazing guests discuss management, money and missions of nonprofits! 12:30pm ET 11:30am CT 10:30am MT 9:30am PTSend us your ideas for Show Guests or Topics: HelpDesk@AmericanNonprofitAcademy.comVisit us on the web:The Nonprofit Show

 ¿Cómo la Ley 102-2025 impacta a los CPA en Puerto Rico? En este episodio de Martes de Números, conversamos sobre esta Ley y las recomendaciones del CCPA para enmendarla. ¡No te lo pierdas!.▶️Disponible en

Daniel M. Goldberg is the Partner and Chair of the Data Strategy, Privacy & Security Group at Frankfurt Kurnit Klein & Selz PC. He advises on a wide range of privacy, security, and AI matters. His expertise spans from handling high-stakes regulatory enforcement actions to shaping the application of privacy and AI laws. Earlier this year, the California Privacy Lawyers Association named him the "California Privacy Lawyer of the Year." In this episode… California is reshaping privacy compliance with its latest updates to the California Consumer Privacy Act (CCPA). These sweeping changes introduce new obligations for businesses operating in California, notably in the areas of Automated Decision-Making Technology (ADMT), cybersecurity audits, and risk assessments. So, what can companies do now to get ahead?  Companies can prepare by understanding the scope of the new rules and whether or not they apply to their business, as the regulations are set to take effect on October 1, 2025, if they are filed with the Secretary of State by August 31. If that filing happens later, the next effective date will shift to January 1, 2026. The rules around ADMT are especially complex, with broad definitions that could apply to any tool or system that processes personal data to make significant decisions about consumers. Beyond ADMT, certain companies will also need to conduct comprehensive cybersecurity audits through an independent auditor, a process that may be challenging for smaller organizations. Risk assessments impose an additional obligation by requiring reviews of activities such as processing, selling, or sharing sensitive data, and using ADMT for significant decision-making, among others, with attestations submitted to regulators. The new rules make it clear that California regulators also expect companies to maintain detailed documentation and demonstrate accountability through governance. In this episode of She Said Privacy/He Said Security, Jodi and Justin Daniels talk with Daniel Goldberg, Partner and Chair of the Data Strategy, Privacy & Security Group at Frankfurt Kurnit Klein & Selz PC, about how companies can navigate the CCPA's new requirements. From ADMT to mandatory cybersecurity audits and risk assessments, Daniel provides a detailed overview of the complex requirements, explaining the scope and its impact on companies. He also outlines how these new rules set the tone for future privacy and AI regulations, why documentation and governance are central to compliance, and shares practical tips on the importance of reviewing AI tool settings to ensure sensitive data and confidential information are not used for AI model training.

Questions Piotr addresses in this episode:What is FORMEL SKIN, and how does it solve dermatology's bottleneck in Germany?How did Piotr's career in analytics develop across multiple verticals?Why is ‘perfect data' a myth in mobile marketing?How do you responsibly track and aggregate users before registration?What's the difference between front-end and back-end behavioral data?How do device/user mismatches and changes create analytics headaches?What are the new challenges and gray areas in privacy (GDPR, CCPA, device fingerprinting)?Where does fraud hide in aggregated data, and how do you find it?Why does fraud persist, and what incentives make it so durable?How could success in mobile marketing be measured differently to promote collaboration and integrity?Timestamps(0:00) – Introducing FORMEL SKIN, Piotr's role, and Germany's digital dermatology(1:18) – Marketing analytics in dating, fintech, health(2:50) – Why ‘perfect data' is a myth(5:00) – Assigning pseudo-user IDs, device-based tracking(6:00) – Aggregated data, ‘chasing ghosts,' and its pitfalls(8:00) – Combining front-end and back-end data; challenges in stitching(9:36) – Device vs. user: confusion, mismatches, and noise(11:13) – Balancing privacy vs. marketing needs; legal and business conflicts(12:30) – Device fingerprinting: what's legal, what's risky, and why(14:22) – The end of one-to-one attribution; rise of aggregated, top-level analysis(16:05) – Marketing fraud: what's changed, sneaky affiliate/network tricks(19:08) – Incentives, alignment failures, and why fraud persists(21:40) – Filtering fraud: long onboarding, compliance, and technical vigilance(23:38) – ‘Success' in mobile marketing and why responsibility must be shared(32:08) – Wrap upQuotes(2:50)  “Don't expect perfect data – especially in marketing where different data sources are being combined.”(5:10)  “You try to anchor it to the device…within all the data security and the privacy setup and anchor it to this entity and create one entity.”(15:26) “We can use aggregated data for strategic decisions, like how to shift budgets from channel A to B.”Mentioned in This EpisodePiotr Prędkiewicz's LinkedinFORMEL SKIN

बीजेपी विधायक हरीश खुराना का आम आदमी पार्टी पर बड़ा आरोप, लोकसभा में 130वें संविधान संशोधन बिल का विरोध, राहुल गांधी और एम.के. स्टालिन ने बिल को लोकतंत्र पर हमला बताया, अखिलेश यादव ने चुनाव आयोग और प्रशासन पर बोला हमला, CCPA ने रैपिडो पर लगाया 10 लाख का जुर्माना, रूस ने भारत को तेल पर दी 5% छूट, विदेश मंत्री जयशंकर की रूस में अहम बैठक और बांग्लादेश की भारत में अवामी लीग को लेकर चिंता. सिर्फ 5 मिनट में सुनिए शाम 7 बजे तक की बड़ी ख़बरें.

En este Martes de Números, conversamos con el CPA Jaime Rivera sobre los momentos que han marcado su carrera profesional, las personas que lo han inspirado y su rol activo en los Capítulos del CCPA.

Aaron J. Burstein, Meaghan M. Donahue On July 1, 2025, California Attorney General Rob Bonta announced a $1.55 million proposed settlement order with Healthline Media – the largest California Consumer Privacy Act (CCPA) settlement to date. The proposed settlement resolves allegations that Healthline violated the CCPA by 1) failing to honor consumer requests to opt-out of the sale and sharing of personal information, 2) violating the CCPA's purpose limitation principle, and 3) failing to include required data protection provisions in contracts with service providers and third parties.

Visit: RadioLawTalk.com for information & full episodes! Follow us on Facebook: bit.ly/RLTFacebook Follow us on Twitter: bit.ly/RLTTwitter Follow us on Instagram: bit.ly/RLTInstagram Subscribe to our YouTube channel: www.youtube.com/channel/UC3Owf1BEB-klmtD_92-uqzg Your Radio Law Talk hosts are exceptional attorneys and love what they do! They take breaks from their day jobs and make time for Radio Law Talk so that the rest of the country can enjoy the law like they do. Follow Radio Law Talk on Youtube, Facebook, Twitter & Instagram!

Today, Jules takes another trip down memory lane, revisiting a gem from the Fearless Practice archives. In this encore episode, Jules talks to Michael Sorsdahl about the new CCPA revised ethics case book.  You can find the show notes to the original episode here. Connect with me: Instagram Website  Resources Mentioned and Useful Links: Liv Noël Dakkak: Niching With Your Passion in Private Practice | ep 171 Sign up for my free e-course on How to Start an Online Canadian Private Practice Learn more about the tools and deals that I love and use for my Canadian private practice Sign up for my free e-course on How to Start an Online Canadian Private Practice Jane App (use code FEARLESS for one month free) Get some help and freebies on your website with WordPress!  Rate, review, and subscribe to this podcast on Apple Podcasts, Spotify, Amazon, and TuneIn  

A recent Supreme Court decision is reshaping the landscape for fraud enforcement against government contractors, eliminating the need to show monetary loss when false statements are made during the bidding process. Mike Radak, Alliant Financial Institutions, and David Finz, Alliant Claims & Legal, break down the implications of Kousisis v. United States and discuss a pivotal California ruling that broadens the scope of the California Consumer Privacy Act beyond data breaches. Together, they explore how these developments could carry implications for contract compliance, DEI disclosures, cyber controls and privacy litigation moving forward.

Pixels attached to articles explaining a recent health diagnosis – without consent  – led Healthline to a record $1.55 million fine for violating CCPA. Plus: the new AI contract.

In today's privacy-first world, organizations must build structured and scalable privacy programs to stay compliant and earn trust. This session dives into the Certified Information Privacy Manager (CIPM) framework, offering a practical, real-world approach to developing and managing privacy initiatives aligned with GDPR, CCPA, and global data protection laws.You'll learn how to establish a privacy governance structure, perform risk assessments, and integrate privacy by design into business operations. We also explore real-world case studies, career insights, and expert strategies to help you advance your data privacy journey—whether you're preparing for the CIPM exam or implementing privacy practices at scale.

How do we move from mere words to actual baked-in privacy? Can built-in alerts, code scanning tools, or server-side auditing make life much easier for DPOs and legal teams?  We are joined by Vaibhav Antil in a new installment of our Privacy Tech series. Vaibhav is founder & CEO of Privado.ai. Before starting Privado.ai, Vaibhav led product management at a tech company and worked with the legal team on GDPR compliance. Vaibhav started Privado.ai to solve the language gap between legal, privacy, and product engineering teams. References: Vaibhav Antil on LinkedIn Privado: Evidence-based Privacy Bridge: Technical Privacy Summit (by Privado) CNIL: Use analytics on your websites and applications (how analytical cookies can be exempt from consent) Max Anderson (Ketch): Privacy Tech spotlight I – the future of CMPs, value vs. hype in privacy compliance SaaS (Masters of Privacy, April 2025) Daniel Barber (DataGrail): Privacy Tech spotlight II – widespread non-compliance, opt-out challenges, and shadow AI (Masters of Privacy, May 2025) Cillian Kieran (Ethyca): Privacy Tech spotlight III – compliance as an engineering challenge (Masters of Privacy, June 2025)

Send us a textCameron and Gabe dive into Healthline Media's record-breaking $1.55 million settlement for CCPA violations, examining whether such penalties are sufficient deterrents against improper sharing of sensitive health data.• Healthline violated CCPA by sharing sensitive user health data with advertisers without proper consent• First U.S. regulatory action against a company for disclosing "inferred sensitive data"• Violation included failing to provide mechanisms to opt out of sensitive data sharing• Discussion of whether fines proportional to company revenue would be more effective• Comparison of data brokers to other harmful entities in society• Brief preview of upcoming episode about a major data breach potentially larger than EquifaxStay safe this holiday weekend and don't put fireworks where they don't belong! Tune in next time for our breakdown of a massive data breach of "epic proportions." Support the show

John Pavolotsky is a partner at Stoel Rives in San Francisco. He is co-chair of the firm's AI, Privacy & Cybersecurity group and focuses his practice on data privacy, information security, and complex technology transactions. He has also been chair of the Intellectual Property Section of the California Lawyers Association.  John has taught Technology Transactions Law at the UC Davis School of Law and Comparative Privacy Law at the Santa Clara University School of Law. John has also guest lectured on technology and privacy law topics at the University of California, Berkeley, Haas School of Business; the University of San Francisco School of Management; and Stanford University. References: John Pavolotsky on LinkedIn John Pavolotksy at Stoel Rives Timeline of discussions (House, Senate) leading to a final decision on a 10-year moratorium on state-level AI laws (final deadline: July 4, 2025), Techcrunch Texas Legislature Passes House Bill 149 to Regulate AI Use (Nelson Mullins) Colorado AI Act California Privacy Protection Agency: Draft Automated Decision-making Technology Regulations California Gov. Newsom vetoes AI safety bill that divided Silicon Valley (September 2024), NPR Poland puts pausing enforcement of the AI Act on EU ministers' table (June 2025, MLex - paywalled) A Brief Overview of the Federal Trade Commission's Investigative, Law Enforcement, and Rulemaking Authority (FTC)

¿Cómo podemos encontrar un equilibrio entre el hambre de datos personales y su protección en el seno de una FinTech californiana?  Diana Bergano lidera la práctica de protección de datos personales y la estrategia de data privacy en Earnin (Palo Alto, California). Como parte de su trabajo asesora a diferentes equipos sobre estrategias de privacidad desde el diseño, adecuación de actividades de marketing, uso de datos y desarrollo de soluciones de inteligencia artificial. Anteriormente ha sido Legal Counsel en Yapstone, Patelco y Blackhawk Network, y también ha pasado por Cisco Systems. Diana es Licenciada en Derecho por la Universidad de La Sabana (Colombia).  Referencias: Diana Bergano en LinkedIn Gramm-Leach-Bliley Act (GLBA - web de la FTC) CFPB: Oficina para la Protección Financiera del Consumidor de EE.UU California's Invasion of Privacy Act (CIPA): A New Frontier for Website Tracking Litigation (ABA) Cookie cutter solution? Senate Bill 690's “commercial business purpose exemption” could crumble CIPA lawsuits (Lexology) FTC Issues Opinion Finding that TurboTax Maker Intuit Inc. Engaged in Deceptive Practices

Merry Marwig is the VP Global Communications & Advocacy at Privacy4Cars. Merry is a pro-consumer, pro-business privacy advocate who is optimistic about what data privacy rights mean for everyday people — and for the companies they do business with. At Privacy4Cars, she helps protect drivers' and passengers' personal data while creating business opportunities for automotive companies. In this episode… Modern cars are like computers on wheels, collecting and storing data just like smartphones or laptops. Unlike those devices, however, vehicle data is often left unencrypted and persists long after a car is sold, rented, or reassigned. This is especially problematic for businesses that use corporate cars, rental vehicles, fleet vehicles, or personal vehicles for work purposes. Sensitive information such as contact lists, text messages, navigation history, and even security credentials can remain stored in vehicles long after they change hands, posing significant privacy, security, and even physical safety risks. To take control of sensitive data, companies need to establish data deletion policies for all vehicles used in a business context. This includes requiring rental agencies and fleet management providers to delete stored data and offer certificates of deletion when cars are returned or decommissioned. Companies should also require automotive providers to provide VIN-specific data disclosures so drivers understand what data the vehicle collects and how it's used and shared. Additionally, companies need to consider how privacy regulations like GDPR and CCPA apply to vehicle data collection and use it to inform their internal policies and third-party contracts. In today's episode of She Said Privacy/He Said Security, Jodi and Justin Daniels talk with Merry Marwig, VP Global Communications & Advocacy at Privacy4Cars, about the privacy and security risks of data collected and stored in vehicles. Merry explains how cars used for work, whether rental, fleet, or personal, retain unencrypted personal and company data that can be exploited when vehicles change ownership or are decommissioned. She shares real-world case studies involving sensitive information left behind in cars, including banking credentials, contact lists, and patient health records. Merry also outlines how data deletion policies and VIN-specific disclosures, required through contracts with automotive providers, help companies reduce privacy and security risks.

Subscribe to DTC Newsletter - https://dtcnews.link/signupIn this episode of All Killer, No Filler DTC Podcast, host Eric Dyck talks with Pilothouse's Technical Manager Richard about the expanding impact of California's CCPA/CPRA and evolving privacy laws across North America.Key moments to listen for:CCPA/CPRA 101 & penalties – Up to $7.5K per violation, private-data breach lawsuits, and agency enforcement Thresholds that trigger compliance – Revenue over $25M, 100K+ Californians' data, or data‑sale revenue ≥50%Multi‑state comparison – VA, CO, CT, and others have their own compliance standardsCompliance tooling deep dive – Shopify solutions (ConsentMo, Pandectis, SecurePrivacy) for banners, data access, and opt‑outsTracking vs. consent – Even server‑side tracking must respect opt‑outsCase study – A client lost 58% of Analytics data but only 4% of purchases after adding full compliance toolsFuture of data consent – How PIPEDA, GDPR-like shifts, and AI‑driven consent profiles are shaping privacyThis episode is essential listening for ecommerce and tech managers who need to navigate privacy law demands without compromising growth and analytics integrity.Did you know that 98% of your website visitors are anonymous? Instant powers next-level retention by identifying who they are and converting them into loyal shoppers. Sign up for a quick demo today to get 50% off and unlock a guaranteed 4x+ ROI: instant.one/dtcTimestamps00:00 – Why eCommerce brands should care about CCPA02:55 – Overview of CCPA and CPRA regulations05:10 – Penalties for non-compliance with California privacy laws08:30 – Thresholds that trigger CCPA enforcement11:05 – What personal data qualifies under CCPA14:00 – Which US states have privacy laws beyond California17:00 – How to make your Shopify store CCPA compliant20:15 – Server-side tracking and compliance limitations23:30 – Real client example: Data loss vs purchase impact27:50 – Impact of consent banners on analytics and conversions31:10 – Managing existing customer data for compliance34:10 – The future of personal data and AI-managed privacyHashtags#consumerprivacy#ccpa#ecommercelaw#dataprotection#cpra#shopifycompliance#usprivacylaws#servertracking#retargeting#googleanalytics Subscribe to DTC Newsletter - https://dtcnews.link/signupAdvertise on DTC - https://dtcnews.link/advertiseWork with Pilothouse - https://dtcnews.link/pilothouseFollow us on Instagram & Twitter - @dtcnewsletter

Ha llegado la hora de ponernos al día en las cinco áreas de siempre: ePrivacy y marco regulatorio; MarTech y AdTech; IA, competencia y mercados digitales; PETs y Zero-Party Data; Futuro de los medios.  Hemos añadido todas las referencias relevantes a la entrada de este episodio en nuestro blog: mastersofprivacy.com. Voces complementarias creadas por ElevenLabs.  

It is time for a seasonal update at the intersection of Marketing, Data, Privacy and Technology. We are today covering the first four of our usual five blocks: ePrivacy & regulatory updates; MarTech & AdTech; AI, Competition and Digital Markets; PETs and Zero-Party Data.  All references and links can be found in this episode's blog post: Masters of Privacy. Allow us to thank two people in advance for their routine work in breaking down the news across some of the topics and jurisdictions covered here: Robert Bateman and his Privacy Corner and Federico Marengo with his Privacy and AI newsletter. Also, an important disclaimer: the voice that joins me today is a text-to-speech output generated with Eleven Labs.

Aaron J. Burstein, Alexander I. Schneider On May 6, the California Privacy Protection Agency (CPPA) announced a settlement with Todd Snyder, Inc. over allegations that the men's retail brand violated CCPA rules on submission and fulfillment of privacy rights requests. Todd Snyder agreed to pay $345,178 and to modify its CCPA compliance program to resolve the case.

Imagine if the tiny tracking code behind personalized ads and website recommendations were suddenly considered unlawful.   That's exactly what's happening in the growing legal battle over cookies and tracking pixels across the country with new fronts opening.   In this episode of The Data Chronicles, we examine plaintiffs' efforts to expand the web tracking litigation battleground by claiming that unconsented use of web trackers constitutes a data breach under the California Consumer Privacy Act (“CCPA”), which entitles comes with statutory damages and a private right of action.   Scott Loughlin is joined by Hogan Lovells litigators Aidan Coleman and Jay Ettinger to break down the legal implications of new case law on this issue and discuss what's at stake for the internet as we know it.

Send us a textDebbie Reynolds “The Data Diva” talks to Mathew Waddell, Founder, Tactically Secure. We discuss insights from his career in the tech industry, particularly in cybersecurity, and his experience working with government agencies and large corporations. He discusses his commitment to simplifying security for individuals and protecting them from threats like ransomware.The discussion then shifts to the evolving landscape of cybersecurity threats, particularly the sophistication of ransomware attacks. Waddell stresses the need for businesses to integrate data privacy and cybersecurity strategies to combat these threats effectively. He points out the increasing trend of attackers stealing data and posting it online to coerce companies into paying ransoms, highlighting the interconnectedness of privacy violations and cybersecurity breaches. Both speakers agreed on the necessity for businesses to adopt proactive measures and recognize the importance of regulations like GDPR and CCPA in prioritizing data protection.Waddell and Reynolds address the dual potential of AI tools in cybersecurity, noting that they can enhance security measures but can also be exploited by malicious actors. They discuss the importance of training employees to recognize cyber threats and the need for effective identity verification strategies in light of emerging technologies like deepfakes and his data privacy wish for the future.Support the show

Next in Media spoke with Tim Vanderhook and Chris Vanderhook, co-Founders of Viant Technologies. The CEO and COO of the ad tech firm talked about their Trade Desk rivalry, whether a Google breakup will be good for their business and the open web, and why CTV offers a chance for fewer monopolies.

Recent data breaches have had significant impacts. WorkComposer, an employee monitoring app, exposed over 21 million sensitive employee screenshots due to a misconfigured cloud storage bucket. This breach compromised data such as emails, internal chats, and login credentials, leading to risks like phishing attacks, identity theft, corporate espionage, and legal consequences under GDPR and CCPA. In a separate incident, Oracle engineers caused a multi-day outage at U.S. hospitals by disrupting electronic health record systems, forcing hospitals to revert to paper-based systems. This highlighted vulnerabilities in critical healthcare infrastructure due to human error.The rise of Artificial Intelligence (AI) is reshaping both cybersecurity and the workforce. AI-powered virtual employees, expected soon, pose security risks, such as account misuse and rogue behavior. At the same time, malicious actors are using AI tools like the Darcula phishing-as-a-service kit to launch sophisticated, multilingual phishing campaigns. This kit exploits messaging protocols like RCS and iMessage, making phishing attacks harder to detect. In the tech workforce, employees without AI expertise are facing heavier workloads, stagnant pay, and job insecurity amid restructuring, while AI specialists command higher salaries.Phishing attacks are becoming more advanced, thanks to tools like Darcula. This phishing kit allows criminals to easily create convincing fake websites and bypass security filters. The kit uses AI to generate multilingual scam pages and exploits messaging protocols like RCS and iMessage, which are more difficult to monitor than traditional SMS, making phishing attacks more sophisticated and challenging to detect.Nation-states continue to be significant players in cyberattacks, particularly through zero-day vulnerabilities. Google's research reveals that government-backed hacking groups were behind most zero-day exploits used in real-world cyberattacks last year, with China and North Korea responsible for many of these attacks. These state-sponsored actors exploit undiscovered vulnerabilities to achieve strategic goals, highlighting the ongoing threat posed by nation-state cyberattacks.Connected vehicles and subscription-based features are raising privacy concerns. Automakers are increasingly collecting data through connected features like heated seats and advanced driving assistance. Law enforcement is training to access this data, including location history and driving habits, raising privacy risks. Even when drivers decline subscription services, pre-installed devices with cellular connections can still collect data, potentially increasing surveillance.Employee monitoring software, like WorkComposer, can pose security risks if not properly secured. The breach at WorkComposer exposed sensitive data, such as internal communications and login credentials. When employee data is not adequately protected, it becomes a target for cybercriminals, leading to identity theft, corporate espionage, and reputational damage. This emphasizes the need for strong security practices when using such tools.The tech workforce is facing significant challenges, including job insecurity, stagnant pay, and increased workloads. After a period of rapid growth, companies like Meta and Salesforce have implemented mass layoffs, leading employees to take on the responsibilities of former colleagues. While AI specialists are in high demand, those without AI expertise struggle to secure raises or better compensation, creating a divide in the workforce.Finally, targeted malicious activity has been observed in geopolitical contexts. For example, new Android spyware has been discovered targeting Russian military personnel. Hidden in a modified version of the Alpine Quest mapping app, the malware steals sensitive data like phone numbers, accounts, contacts, and geolocation information... Highlighting the increasing use of cyber tools in geopolitical conflicts.

En este episodio de Martes de Números hablamos sobre el manejo de riesgos en la industria de seguros, pero desde la perspectiva de la ingeniería.

The transition off of fossil fuels is important and needs to happen, but it will affect the livelihoods of oil and gas workers and those in fossil fuel dependent communities. How can we make sure the transition is just and people-centred? We spoke with Hadrian Mertins-Kirkwood, a senior researcher at the Canadian Centre for Policy Alternatives. Hadrian's work focuses on the social and economic dimensions of Canada's shift toward a zero-carbon economy, including the necessity of a just transition for vulnerable workers and communities across the country. He is a contributor to the CCPA's Trade and Investment Research Project and Alternative Federal Budget. Hadrian holds a MA in Political Economy from Carleton University. Hadrian explains the concept of a people-centred just transition and the challenges Canada will have to overcome to move away from fossil fuels. We also discussed the policies that are needed to help workers transition into new industries, including the need for green industrial policy.   Pullback is a proud member of the Harbinger Media Network Enjoy our work? Support us on Patreon!

ST. PETERSBURG, FL - April 2025 - As the cloud communications sector embraces artificial intelligence (AI), BroadSource is stepping forward with a practical message for resellers: You can profit from AI — if you first help your customers solve data privacy challenges. Speaking with Technology Reseller News at the Cloud Communications Alliance's Cloud Connections 2025 event, Bill Placke, President of Americas for BroadSource, outlined how the company's SecureCall platform helps overcome a critical barrier to AI adoption. “Legal and compliance concerns around collecting personal data are slowing AI deployment,” said Placke. “Our SecureCall solution removes sensitive personal information like credit card or Social Security numbers at the time of collection — enabling safe and compliant AI use.” BroadSource's SecureCall product, which earned Cisco's Top 3 Global Innovation Award, enables secure data input during phone-based customer interactions. Customers input card details or other personal information directly, while the merchant remains on the call without hearing sensitive tones. Data is transmitted securely for processing, bypassing the merchant's internal systems and eliminating storage liability. With new PCI DSS 4.0 standards taking effect and global regulations such as GDPR and CCPA evolving, businesses face growing risks for non-compliance. Placke noted that SecureCall removes this burden from the enterprise. “Companies can rely on BroadSource's own PCI certification for compliance,” he said. “That means fewer headaches for IT and finance leaders — and real value for the reseller who delivers the solution.” BroadSource is expanding SecureCall's capabilities under the SecurePII brand to address broader categories of personal data. The goal is to create a foundation of data minimization, enabling enterprises to leverage AI and LLMs (large language models) without running afoul of data protection laws. Placke likens the opportunity to the 1840s Gold Rush: “AI is the gold. BroadSource is the pickaxe and blue jeans — the tools every prospector needs to get started.” For resellers navigating the fast-moving AI landscape, Placke advises aligning with customer priorities. “Cybersecurity is the top concern for IT leaders,” he said. “Look at breach points like passwords and explore solutions that offer more secure alternatives. When you bring customers practical AI tools with compliance built in, you're not just selling a service — you're building trust.” BroadSource also offers EMU CAPP, a behavioral analytics product that uses AI to monitor user behavior on BroadWorks platforms and detect anomalies, helping prevent toll fraud. “Resellers should lean in,” Placke concluded. “There's a real opportunity to lead by helping your customers adopt AI safely.” For more information, visit broadsource.com or secure-pii.com.

In January 2024, shortly after workers in their Laval location had unionized, Amazon announced the closure of its facilities in Quebec. In a most egregious union busting moves, Amazon left 2,000 people out of work and walked away from significant investments in infrastructure to make sure workers wouldn't get a say in their conditions.Jon Milton, Senior Communications Specialist with the Canadian Centre for Policy Alternatives, shares some of the ways Labour, the community and municipalities are fighting back against Amazon. Jon also has some tactics not yet deployed to 'bring down' this corporate giant AND its exploitive business model.Hosted by: Jessa McLeanCall to Action: Boycott Amazon CanadaRelated Episodes: CUPW Right to Strike was recorded immediately after Canada Post workers were ordered back to work. Its a candid discussion on the state of what's often touted as Canada's strongest union. Another guest from the CCPA, Richard Tranjan, with a discussion on The Tenant ClassMore Resources: Supreme Court Rules Walmart Broke QC Law - Global NewsUnion says Amazon closures in Quebec are an attack on unionization - rabble.caAmazon's Quebec closures are a wake-up call for Canada's labour movement - CCPAHow Quebec and Canada can make Amazon pay for union-busting - CCPAAll of our content is free - made possible by the generous sponsorships of our Patrons. If you would like to support our work through monthly contributions: PatreonFollow us on Instagram or on Bluesky

What is the practical case for combining CMPs and DSAR automation under a single technical solution or software provider? What do DPOs and CPOs struggle the most with when implementing effective privacy programs? Which Privacy Tech features are overvalued or undervalued? Max Anderson is a seasoned product executive with a proven track record of bringing successful technology products to market in the consumer privacy, data management, and marketing space. Prior to Ketch, Max was the Director of Product Management at Krux. After joining Salesforce as part of the Krux acquisition, he ran data privacy and consumer identity products at Salesforce, including the rollout of their industry-leading GDPR solution set. Prior to Krux, Max was a Product Manager at IPG Mediabrands, where he was responsible for multiple successful advertising measurement products. Max holds a BS in Chinese Literature from the University of Colorado. References: Maxwell Anderson on LinkedIn Max Anderson, The liability in your privacy program: incomplete opt-out compliance (Ketch) GPC: Global Privacy Control Max Anderson, Dirty Data, Broken AI—The hidden threat derailing your competitive edge (Ketch) Andy Dale: DPO vs. CPO, present and future value of Privacy Tech, and the new US administration's impact on the regulatory landscape (Masters of Privacy) Monica Meiterman-Rodriguez: automation, data minimization and comparative law in DSRs (Masters of Privacy) Sergio Maldonado, Some takeaways from PEPR'24 (USENIX Conference on Privacy Engineering Practice and Respect 2024)  

Amanda Moore is a seasoned leader with extensive experience in privacy strategy, technology, and operations. She currently serves as the Senior Director of Privacy at DIRECTV, where she oversees the company's privacy program with respect to technology and operations. Prior to her role at DIRECTV, she held pivotal positions at CVS Health and AT&T leading technical and business teams. Her career started in information technology but shifted to privacy before the onset of CCPA. Amanda holds the CIPM certifications and is a OneTrust Fellow of Privacy Technology. In this episode… Many organizations invest in privacy technology expecting it to deliver instant compliance, only to find that it fails to integrate with existing tools or processes. Adoption often lags when internal teams see privacy as a barrier or when tools are implemented without clearly defined goals. Choosing privacy technology before businesses understand the specific problem they're meant to solve leads to confusion, inefficiency, and low adoption. One of the most effective ways to boost technology adoption is to start with a clear understanding of business processes and goals before introducing new privacy tech. Successful privacy programs start by mapping business processes and making small, non-disruptive backend adjustments that minimize disruption. Additionally, building internal awareness through roadshows, clear communication, and simplified privacy impact assessments helps shift perceptions and encourages teams to view privacy as a business enabler. In this episode of She Said Privacy/He Said Security, Jodi and Justin Daniels speak with Amanda Moore, Senior Director of Privacy at DIRECTV, about integrating privacy technology into business operations. Amanda highlights how strong internal relationships help position privacy as a business enabler, why reframing communication to various business executives enhances support for privacy initiatives, and how measuring privacy program maturity with the use of technology provides more insight than surface-level metrics. She also discusses methods to increase adoption through internal awareness campaigns and simplified assessments, and the long-term value of reputation-building within organizations.

Watch on YouTubeTedd Huff & John Gordon, CEO of ValidiFI, explore key shifts in Fintech and focus on Account Validation Technology. The focus is on account validation, fraud detection, and customer risk. With over 25 years in financial services, Gordon shares insights from his work at TransUnion and ValidiFI. He explains how behavioral signals like multiple emails, landlines, or shared accounts—can trigger higher risk. Gordon also breaks down why ACH transactions remain dominant, and how high-risk accounts show 11.5x more return failures. The episode covers challenges with virtual bank accounts, especially from neo banks, and how lenders can better identify stable users.John highlights how linking emails, phone types, and account behavior to reduce fraud and improve onboarding. He shares how AI and alternative data fill gaps left by outdated credit models, especially for BNPL users or consumers without full credit files.He predicts a rise in consumer control over financial data and warns that limited access may hurt repayment assessments. For fintech founders, his advice is clear: look at the full data picture account history, contact info, and usage to make better, faster decisions.Key Highlights

Welcome back to the Identity Theft Resource Center's Weekly Breach Breakdown – supported by Sentilink. I'm James Lee, the ITRC's President and this is the episode for April 4th, 2025. It will soon be seven years since California's landmark Consumer Privacy Act or CCPA was signed into law. Since that time, 19 other states have adopted their own versions of the CCPA and it's companion Privacy Rights Act – known by it's own set of letters, the CPRA. Follow on LinkedIn: www.linkedin.com/company/idtheftcenter/ Follow on X: twitter.com/IDTheftCenter

There is a push and pull between an advertiser's desire to attribute advertisement spending to lead generation and their responsibility to respect consumer privacy. In this episode, Raj Sudra, the Chief Technology Officer at Gannett, joins me to discuss his role and the intricacies of digital marketing attribution. He explains the technology and systems used, such as LocaliQ's proprietary Capture technology, pixel tracking, and the importance of compliance and data privacy. The conversation emphasizes the balance between collecting meaningful data for effective marketing and adhering to privacy legislation like GDPR and CCPA. Raj also talks about what's changing in advertising platforms like Google and Facebook. He touches on why publishers prioritize first-party data as cookies become less reliable to them and how evolving technology such as AI enhances digital marketing strategies.What you will learn:What pixel tracking really means The impact of a cookie.Why data privacy and marketing don't have to work against each other.The importance of evaluating, storing, and tracking data ethically.The technical side of how leads are generated during visits to your websiteThanks for listening!Connect with GradComm:Instagram:@gradcommunicationsFacebook:@GradCommunicationsLinkedIn:@gradcommSend us a message: GradComm.com

In this episode of 'The Wisdom Of' Show, host Simon Bowen speaks with Sheila FitzPatrick, a leading international employment and data protection attorney, recognized for her expertise in privacy and security. The conversation covers Sheila's journey from employment law to becoming an influential figure in data privacy, her role in shaping international privacy laws, including the GDPR, and her insights on the burgeoning field of AI and its implications for data privacy. Sheila discusses the critical differences between privacy and security, the importance of data minimization, and how businesses can turn privacy into a competitive advantage. The episode also touches on the ethical considerations of AI, the transparency required in privacy policies, and practical steps businesses can take to ensure compliance with global privacy regulations.Ready to elevate your business approach? Join Simon's exclusive masterclass on The Models Method. Learn how to articulate your unique value and create scalable impact: https://thesimonbowen.com/masterclassEpisode Breakdown00:00 Meet Sheila FitzPatrick: Privacy and Security Expert03:21 The Journey into Data Privacy05:57 The Impact of GDPR and Privacy Laws14:57 Global Privacy Strategies for Businesses23:53 Marketing and Data Privacy Challenges29:20 Turning Data Privacy into a Competitive Advantage30:34 Leveraging Data Privacy as a Competitive Advantage31:16 The Growing Importance of Privacy in Contract Negotiations32:44 AI and Data Privacy Concerns35:34 Ethical and Legal Considerations in AI41:11 Challenges for Small and Large Companies in Data Privacy43:33 The Intersection of Ethics, Law, and Technology46:02 Advice for Aspiring Data Privacy Professionals55:43 The Importance of Passion in Data Privacy56:38 Final Thoughts on Data Privacy and AIAbout Sheila FitzPatrickSheila FitzPatrick is a world-renowned authority in data privacy, protection, and sovereignty, with a career spanning more than 38 years. As the Chief Privacy Officer for numerous multinational corporations, she has pioneered global compliance strategies that align legal, ethical, and operational frameworks across more than 160 countries.Sheila's work has had a far-reaching impact—collaborating with the U.S. Government, the Council of the European Union, and data protection authorities across Europe, Asia-Pacific, and the Americas. She has served as a trusted intermediary between corporate leadership and Works Councils, drafting over 550 model contracts and bargaining agreements and securing Binding Corporate Rules (BCRs) approvals for six global organizations.Her expertise spans GDPR, CCPA, data sovereignty, AI regulations, cloud computing, cybersecurity, and breach management. Sheila has helped over 500 multinational companies achieve full data protection compliance, navigating the ever-evolving regulatory landscape with precision and foresight.Connect with Sheila FitzPatrickLinkedIn: https://www.linkedin.com/in/sheila-fitzpatrick-4b458/Twitter: https://x.com/sheilafitzpAbout Simon BowenSimon has spent over two decades working with influential leaders across complex industries. His focus is on elevating thinking in organizations, recognizing that success is directly proportional to the quality of thinking and ideas within a business. Simon leads the renaissance of thinking through his work with global leaders and...

In a world where data is more important than ever, understanding how it is acquired, shared, and misused is critical. Data brokers work behind the scenes, amassing enormous amounts of personal information from online activity, loyalty programs, and even public records, often without the users' knowledge. This data powers targeted marketing, scams, and even identity theft. But what can be done to regain control of personal privacy? Today we're diving deep into this topic with cybersecurity expert Darius Belejevas, who has spent years assisting folks in removing their data from these digital marketplaces. He is the head of Incogni and Surfshark.  In this chat, Darius is going to share how these sneaky data brokers operate. He'll break down why it's such a big deal when our data gets out there for all to see, and he'll arm us with some solid strategies to keep our privacy intact. We'll also look at practical tactics that everyone can apply to limit their exposure to hackers. We'll discuss data sharing, using privacy-focused products, and understanding legislation like GDPR and CCPA. We also dive into the shifting landscape of digital security, the role of AI in data collection and fraud, and what the future of online privacy may look like.  Show Notes: [01:01] We learn about Darius's background. [02:16] We learn about the creation of Incogni.  [04:04] Data brokers are businesses who collect data and sell it to other businesses. One problem can be lack of transparency of what is happening to your data.  [07:19] There are probably a few thousand data brokers. [09:36] Does removing your data get you out of a breach? [10:48] Limiting what we share. Prevention, consequences, and clean up. [12:22] When giving identifiers like your phone number, stop and ask if you really need to do that. [14:10] Some brokers make it way more difficult to remove data. [20:13] We talk about privacy regulations and how they can help you or make things more difficult. [22:12] How AI will make malicious activities easier to scale. [23:41] Have people given up on privacy? At the end of the day, it's about personal comfort.  [25:00] Privacy laws are helping with data broker issues.  [26:59] Being mindful about what you post online. Many people don't want to share too much. [29:56] Physical junk mail has decreased.  [30:52] What to do today. Think about what you want to share. Do you really need to subscribe? [32:21] Use a service like Incogni to help you protect your data. Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review.  Links and Resources: Podcast Web Page Facebook Page whatismyipaddress.com Easy Prey on Instagram Easy Prey on Twitter Easy Prey on LinkedIn Easy Prey on YouTube Easy Prey on Pinterest Incogni Surfshark Darius Belejevas on Facebook Darius Belejevas on LinkedIn

Wed, 26 Mar 2025 06:30:00 +0000 https://tap.podigee.io/56-geoff-parker 2aa9fbbaaced69fcaf4e8ac898a1f6ea Guest: Geoffrey (Geoff) G. Parker Bio: Geoff Parker is a professor of engineering at the Thayer School at Dartmouth College and the faculty director at the Irving Institute for Energy and Society. He was awarded the Thinkers50 digital thinking award for his work on two-sided markets and the inverted firm. He is the co-author of the influential book Platform Revolution. He received his doctorate from MIT, where he was a doctoral student alongside Marshall Van Alstyne. Summary: In this episode, Geoff, a leading expert in platform research and co-author of Platform Revolution, discusses the origins of his work on platforms, the evolution of platform business models, and the ongoing relevance of platform thinking in today's dynamic technological and regulatory landscape. The conversation traces the journey from early observations of free online services and the formalization of two-sided markets to the strategic implications of platforms and their impact across various industries, including B2B and energy. Geoff reflects on the initial skepticism surrounding platform theory, the significant effect of Platform Revolution, and his current work exploring platform dynamics in specific sectors. The discussion also touches upon the challenges faced by established firms in transitioning to platform models and the influence of emerging technologies and regulations on the platform ecosystem. Key Discussion Points The genesis of platform research: Stemming from observations of ad-sponsored networks and the emergence of free online services during the dot-com boom, leading to the formal study of two-sided markets and network effects. Early challenges in platform theory: The initial uphill battle to get foundational work on platforms published. The evolution of platform thinking: How the understanding of platforms has been shaped by events like the dot-com bust and the rise of tech giants. Strategic implications: The development of concepts like platform envelopment and the broader strategic considerations for businesses adopting platform models. The impact of regulation and new technologies: The influence of regulations like GDPR and CCPA, the increasing power of platforms, and the emergence of AI and blockchain on platform strategies. Challenges and opportunities in B2B platforms: The complexities of network effects, sales cycles, core transactions, and integration challenges in B2B contexts. Publications & Projects Mentioned Parker, G. G., Van Alstyne, M. W., & Choudary, S. P., (2016). Platform revolution: How networked markets are transforming the economy—and how to make them work for you. W. W. Norton & Company. Shapiro, C., & Varian, H. R. (1999). Information rules: A strategic guide to the network economy. Harvard Business Press. Anderson, E. G., Lopez, J., & Parker, G. G. (2022). Leveraging value creation to drive the growth of B2B platforms. Production and Operations Management, 31(8), 1–22. Parker, G. G., & Van Alstyne, M. W. (2005). Two-sided markets. Harvard Business Review, 83(10), 1–12. Eisenmann, T., Parker, G. G., Van Alstyne, M. W., & (2011). Platform envelopment. Strategic Management Journal, 32(12), 1270–1285. Cabral, L., Haucap, J., Parker, G. G., Petropoulos, G., Valletti, T. Alstyne, M. (2021). The EU Digital Markets Act: A Report from a Panel of Economic Experts, European Union Joint Research Centre, Publications Office of the European Union. Links Geoff's website at Dartmouth: https://engineering.dartmouth.edu/community/faculty/geoffrey-parker full no digital platforms,platform revolution Daniel Trabucchi, Tommaso Buganza and Philip Meier

Hosted by Simone Roach from a blog post from Aaron J. Burstein, Alysa Z. Hutnik, Alexander I. Schneider, and Meaghan M. Donahue On March 12, 2025, the California Privacy Protection Agency (CPPA) announced a settlement with American Honda Motor Co., resolving allegations that the company violated the California Consumer Privacy Act (CCPA) and requiring Honda to pay a $632,500 fine. The announcement marks the Agency's most far-reaching enforcement action, and the first to stem from the CPPA's July 2023 announcement that it was reviewing the data privacy practices of connected vehicle manufacturers and related technologies.

Cloud Connections 2025 Preview: BroadSource's SecurePII Takes Center Stage March 2025 – Technology Reseller News – BroadSource has officially launched SecurePII, a cutting-edge real-time redaction platform designed to protect Personally Identifiable Information (PII) in telecommunications networks. In a special Cloud Communications Alliance (CCA) podcast, Haydn Faltyn and Bill Placke from BroadSource joined Doug Green to discuss the technology, its market impact, and why service providers should take notice. The Growing Need for Real-Time PII Protection BroadSource has long been a leader in delivering technology solutions to cloud communications providers. With SecurePII, they are addressing a critical issue in telecommunications: how to protect PII that traverses carrier networks. The demand for real-time data redaction has surged due to increasing regulatory requirements, including CCPA, GDPR, HIPAA, and the evolving PCI DSS 4.0 standard. Faltyn explains: “We launched SecureCall as a PCI-compliant platform for credit card redaction last year. But service providers and enterprises alike need more—protection beyond just payment information. SecurePII extends our technology to safeguard all forms of personal data in voice communications.” Shifting the Compliance Conversation Placke highlights the legal and compliance challenges that enterprises face, as regulators worldwide introduce stricter measures around data privacy. “Legal teams are often forced to say ‘no' to new initiatives because of concerns over PII exposure. SecurePII flips the script—by redacting sensitive data in real time, businesses can fully leverage AI, analytics, and automation without compliance roadblocks.” A Game Changer for AI-Driven Business Communications The rise of AI and large language models (LLMs) has created a data dilemma for enterprises: how can they safely utilize voice data for AI applications, customer analytics, and automation without violating data privacy laws? With SecurePII, BroadSource provides a solution that allows organizations to extract value from their data without storing or processing sensitive customer information. By removing PII in real-time, businesses can: Enhance AI training models without compliance risks Increase customer trust by ensuring privacy protection Reduce operational risks and costs associated with data breaches and regulatory fines Impact on Contact Centers and CX A core use case for SecurePII is contact centers, where credit card details, account numbers, and personal information are frequently exchanged over voice channels. The platform ensures: Seamless transactions without the risk of human agents being exposed to sensitive data A frictionless customer experience that retains the personal touch while safeguarding information Higher revenue retention—BroadSource has observed a 9% increase in revenue when businesses implement SecurePII in customer interactions BroadSource's SecurePII Roadmap and Upcoming Events The launch of SecurePII marks a new strategic direction for BroadSource, emphasizing data security as a core value for service providers. Faltyn and Placke will be presenting SecurePII at: Cavell's Summit Europe 2025 – A premier event for cloud communications leaders Cloud Connections 2025 (CCA Conference, St. Petersburg, FL) – Where BroadSource will showcase SecurePII's capabilities to global service providers Where to Learn More SecurePII is now live, and service providers can integrate it into their networks today. BroadSource has also launched a dedicated website for SecurePII, providing resources, case studies, and implementation details. Visit: www.securepii.cloud BroadSource's mission is clear—to empower service providers with the tools to protect their networks, comply with global regulations, and enable the future of AI-driven business communications. With SecurePII,

Episode SummaryIn this episode of The Secure Developer, Danny Allan, CTO of Snyk, sits down with Wayne Chang, Founder and CEO of SpruceID, to explore the evolving landscape of digital identity and security. From self-sovereign identity to the role of AI in authentication, they discuss the future of identity management, the risks of centralized systems, and the benefits of decentralized approaches. They also dive into how policy, compliance, and emerging technologies like passkeys and zero-knowledge proofs are shaping the security ecosystem.Show NotesThe world of digital identity is changing fast, and in this episode of The Secure Developer, we explore how security professionals and developers can navigate this evolving space. Host Danny Allan is joined by Wayne Chang, Founder and CEO of SpruceID, to discuss key trends and challenges in identity management.Topics Discussed:Wayne's Background: From health tech to digital identity, how Wayne's early struggles with integrating health records led to his passion for self-sovereign identity.The Evolution of Digital Identity: Why usernames and passwords are no longer the gold standard, and how newer methods like passkeys and cryptographic credentials improve security.Decentralization vs. Centralization: The trade-offs between federated identity systems (like OAuth and SSO) and self-hosted identity wallets.The Role of AI in Identity Security: How AI is both a tool for improving security and a threat vector for identity fraud.Privacy and Compliance: How regulations like GDPR, CCPA, and emerging state-level laws influence digital identity strategies.The Future of Authentication: The move from multi-factor authentication to "myriad factor authentication," leveraging multiple signals for seamless and secure access.Wayne and Danny also discuss real-world use cases, including the development of mobile driver's licenses, emerging digital identity wallets, and the challenges of ensuring privacy and security while maintaining usability. The conversation highlights how organizations can stay ahead with better authentication practices and privacy-preserving architectures as fraud becomes more sophisticated.LinksSpruceID - Identity infrastructure for the digital worldNIST - The National Institute of Standards and TechnologyNIST SP 800-63 - Digital Identity GuidelinesACLU Digital ID State Legislative RecommendationsSnyk - The Developer Security Company Follow UsOur WebsiteOur LinkedIn

Rocco Del Priore, Co-Founder of Sweed POS, discusses the critical importance of compliance and enterprise-grade solutions within the evolving cannabis industry. The conversation centers around Sweed POS's commitment to data security, regulatory compliance, and robust platform functionality, highlighting their achievement of both SOC 1 and SOC 2 Type 2 certifications.1The discussion begins with a deep dive into data security, a paramount concern given the sensitive nature of customer information and financial transactions within cannabis dispensaries. Rocco explains Sweed POS's comprehensive security measures, including encryption, access controls, and intrusion detection systems. He then emphasizes the significance of achieving SOC 1 and SOC 2 Type 2 certifications, industry-recognized audits that validate a service organization's internal controls over financial reporting and customer data security, respectively. Rocco clarifies the distinction between these certifications, explaining that SOC 1 focuses on financial reporting, while SOC 2 addresses customer data and security.2 He also differentiates between Type 1 and Type 2 audits, explaining that Type 1 demonstrates a company's knowledge of required procedures, while Type 2 proves their consistent adherence to those procedures over time. This distinction underscores Sweed POS's dedication to not just meeting, but exceeding, industry security standards.The conversation explores the complexities of data privacy regulations like GDPR and CCPA, particularly relevant given the vast amounts of customer data handled by dispensaries. Rocco explains that Sweed POS's all-in-one platform was designed with compliance in mind from its inception, streamlining data management and mitigating the risks associated with disparate systems. This integrated approach simplifies compliance efforts for dispensaries and reduces the potential for data breaches or inconsistencies. Advertising Inquiries: https://redcircle.com/brandsPrivacy & Opt-Out: https://redcircle.com/privacy

From sensational headlines to practical applications, industry visionaries Chris Perry and Jason Alan Snyder join the podcast to examine the state of AI in marketing today. Huge shifts are underway as brands consider how to apply AI in response to this “year of agents,” regulatory implications and determining what is manipulation versus participation. Those who win will be the brands that make AI their most powerful partner.Thanks for listening! Follow us on Twitter and Instagram or find us on Facebook.

Are your business's data privacy practices ready for the future? With global regulations evolving rapidly, staying compliant isn't just a legal requirement—it's a competitive edge.  Join us as legal expert Valeriy Starilov shares actionable strategies for digital businesses and IT companies to navigate the ever-changing landscape of data privacy laws, such as GDPR and CCPA. 

Welcome to TCAST, the podcast that explores the intersection of technology, data, and humanity. In this episode, hosts Alexander McCaig and Jason Rigby dive deep into TARTLE's DataVault Connect, a groundbreaking OAuth2-based platform designed to give businesses and users unprecedented control over their data. Discover how this tool transforms data sharing into a win-win scenario for companies and consumers, emphasizing ethical practices, privacy, and revenue generation. Episode Highlights Introducing DataVault Connect What It Is: A seamless OAuth2 integration that allows users to vault and monetize their data while giving businesses a compliance-ready solution for data collection. Why It Matters: Shift away from outdated login systems like Google and Facebook, and embrace a more ethical, transparent way of handling data. Key Features of DataVault Connect Granular Consent Management: Users decide what data to share and can revoke access at any time. Revenue Sharing: Businesses earn a percentage of revenue when users monetize their data. Built-In Compliance: Fully aligned with GDPR, HIPAA, and CCPA regulations, backed by blockchain-based audit trails. Zero and First-Party Data Access: Unlock valuable insights for AI training, personalization, and customer engagement. Why DataVault Connect is a Game-Changer for Businesses Simplified Integration: A plug-and-play OAuth2 button with robust SDK support for websites and apps. Real-Time Data Insights: Gain access to user-approved data that enhances AI models and market strategies. Enhanced Privacy: Cutting-edge encryption ensures user data is secure and untouchable by third parties. Trust Building: Show customers you prioritize their data rights, fostering long-term relationships. The OAuth Revolution How It Compares: Unlike traditional login systems that profit from your users' data, TARTLE's DataVault Connect ensures your business benefits from every login while safeguarding user privacy. Revenue Model: Every time a user monetizes their data, your business gets a share of the profit. Who Should Use DataVault Connect? AI Companies: For accessing high-quality, real-time data to improve model performance. E-Commerce Platforms: Enhance personalization and customer experience. Healthcare Providers: Securely manage sensitive data with HIPAA-compliant tools. Marketers: Use ethical, actionable insights to drive campaign success. Why Listen to This Episode? This episode is perfect for anyone who: Wants to learn about ethical data exchange and monetization. Is seeking innovative ways to enhance their AI models or customer experience. Cares about compliance and wants to reduce legal risks related to data management. Is curious about how to turn user authentication into a revenue stream. Key Takeaways Ethical Data Exchange: Shift to a user-first model that benefits businesses and consumers alike. Revenue Potential: Generate profits from data monetization while maintaining compliance. Privacy at the Core: TARTLE ensures data security with cutting-edge encryption and blockchain-backed audits. Seamless Adoption: Integrate DataVault Connect easily into your current systems with minimal effort. Actionable Steps for Businesses Sign Up for TARTLE DataVault Connect: Visit TARTLE.CO to get started. Integrate the OAuth2 Button: Use TARTLE's SDK and documentation to add the button to your site or app. Engage with Your Users: Showcase your commitment to ethical data practices and invite them to participate. Monetize User Data: Earn a share of revenue as your users monetize their data.