Podcasts about iapp

  • 104PODCASTS
  • 296EPISODES
  • 38mAVG DURATION
  • 1WEEKLY EPISODE
  • Jun 22, 2026LATEST

POPULARITY

20192020202120222023202420252026


Best podcasts about iapp

Latest podcast episodes about iapp

Serious Privacy
Bonus on AI, Games, and Governance of Emerging Tech

Serious Privacy

Play Episode Listen Later Jun 22, 2026 28:06 Transcription Available


Send us Fan MailWelcome to the Serious Privacy podcast, where Ralph O'Brien , Dr. K Royal, and Paul Breitbarth each provide a summary of the respective conferences they attended. The IAPP AI conference in Dublin, Games Expo, and Governance of Emerging Tech. Enjoy! If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.

The Roadmap
Regulatory shocks in AI | Insights from the IAPP AI Governance Global Europe 2026 in Dublin

The Roadmap

Play Episode Listen Later Jun 19, 2026 28:31


Charlie Hawes and Simon McDougall recently attended Europe's leading AI conference, the IAPP AI Governance Global Europe 2026 in Dublin. During the event, Simon chaired a panel discussion examining the impact of regulatory shocks on AI alongside fellow industry experts. In this podcast, Charlie and Simon reflect on the key themes, insights and debates that emerged from the panel, and explore what they mean for organisations navigating the evolving AI regulatory landscape. Send us Fan MailNote: All information was correct at the time of recording.Thanks for listening!If you have any feedback, questions or comments, please email us at theroadmap@bristows.comFind all the episodes as we release them here, and don't forget to subscribe! Follow us on LinkedIn using #TheRoadmapPod

Careers and the Business of Law
AI Governance Is the New Career White Space in Law: Bobby Malhotra on the Rise of the Tech-and-Data Lawyer

Careers and the Business of Law

Play Episode Listen Later Jun 9, 2026 32:54


Hosted by David Cowen | Careers and the Business of Law David Cowen sits down with Bobby Malhotra, litigation partner and chair of Winston's eDiscovery and Information Governance practice, member of the firm's AI strategy group, and founding member of Legal Data Intelligence. Bobby sits at the intersection of eDiscovery, digital forensics, cross-border data, privacy, cybersecurity, information governance, and AI governance, bringing a rare combination of legal judgment, technical fluency, and hands-on curiosity. This conversation covers why AI governance has arrived, why information governance is making a comeback, and why the next generation of legal professionals will need to become tech-and-data lawyers.   WHY THIS MATTERS? AI governance is no longer a future issue. It is already here. Companies are dealing with employee use of public AI tools, data exposure, privacy risk, cybersecurity concerns, regulatory pressure, AI policies, privilege questions, AI transcription, and AI-related incidents. For lawyers and legal professionals, this is one of the clearest career white spaces in the market. KEY TAKEAWAYS AI governance has arrived. It is already one of the hottest and busiest areas in the legal industry. AI governance is about vision, guardrails, policies, ethical obligations, legal obligations, regulatory compliance, and business risk. Information governance is the backbone of AI governance. You cannot govern AI if you do not know where your data lives. Data governance sits inside AI governance, and may be the most important part of the whole program. The legal role is expanding, not shrinking. AI governance and data governance are creating new career lanes across law firms, corporate legal departments, privacy, cybersecurity, eDiscovery, and legal operations. You do not need 20 years of AI governance experience. No one really has that. Curiosity, teachability, issue-spotting, and legal judgment matter more. The best professionals in this space combine legal thinking with technical literacy. It is not just about knowing the tools. It is about applying the law to the facts, the technology, and the risk. AI governance is not just about models anymore. It now includes privilege protection, AI transcription, employee AI usage, public AI tools, data exposure, and AI-related breach scenarios. Outside counsel and in-house teams both have a role. Some companies rely heavily on outside counsel, while others use outside counsel for strategy, policy review, sanity checks, regulatory guidance, and high-risk questions. If you want to build a career in this space, get comfortable being uncomfortable. Follow the law. Follow the technology. Find mentors. Set up news alerts. Stay close to communities like LDI and IAPP. PEOPLE MENTIONED David Cowen - Host Bobby Malhotra - Litigation Partner; Chair of eDiscovery and Information Governance; AI Strategy Group Member; Founding Member of Legal Data Intelligence Melanie Prevost - Referenced in connection with career creation and emerging opportunities Malcolm Gladwell - Referenced in connection with the 10,000-hour rule COMPANIES & ORGANIZATIONS MENTIONED Winston - Bobby's firm Legal Data Intelligence / LDI - Community and framework for legal data professionals IAPP - AI governance and privacy education resource CLOC, ILTA, SOLID - Legal operations, innovation, and business of law communities M365, SharePoint, cloud platforms, data lakes, and metadata - Referenced as examples of where organizational data lives Colorado, Connecticut, Illinois, California, and Texas - Referenced in connection with emerging AI legislation EU AI Act - Referenced in connection with AI regulatory obligations NAIC - Referenced in connection with AI guidance in the insurance industry New York DFS - Referenced in connection with regulated financial institutions

It's No Fluke
E378 Holly Hartman: AI Governance is Not Just For Tech Execs

It's No Fluke

Play Episode Listen Later May 27, 2026 27:49


Holly Hartman is an AI governance strategist and founder of FWS Enterprise LLC (Future Workforce Systems), where she works with enterprise leaders to build the guardrails, policies, and workforce readiness programs that make responsible AI adoption real, not just a talking point.She is also the co-founder and President of The WO Network, Kentuckiana's largest professional women's community with more than 4,000 members, and an international bestselling author.Holly is a NAWBO Women Business Owner of the Year 2025 honoree, a Louisville Business First Enterprising Women 2026 recipient, and a Bingham Fellow in the Class of 2026.She is currently pursuing her AI Governance Professional (AIGP) certification through IAPP.Her message to organizations wrestling with AI right now is simple: you do not have to choose between innovation and integrity. The ones who will lead are the ones building governance now, not later. Every AI decision is a workforce decision. She works with organizations to move them AI-Anxious to AI-Ready, From Guardrails to Governance all through an ethical AI Lens.futureworkforcesystems.com

Risky Business
Risky Business #836 -- You can't patch the bugpocalypse

Risky Business

Play Episode Listen Later May 6, 2026 61:56


On this week's show, Patrick Gray and James Wilson are joined by special guest co-host Brad Arkin. They discuss the week's cybersecurity news, including: The US Government says we just have to patch faster, but… Bugs in cPanel, MoveIt and all Linux distributions this week show that patching alone isn't enough James gets mad about lame AI Agent adoption advice from the US and Australian Governments James Kettle and Niels Provos both showed us that any model can find 0day like Mythos And the cyber-assisted theft of cargo results in an astonishing loss of $725 million dollars This week's show is sponsored by SpecterOps. Their CTO, Jared Atkinson, chats to Pat about the big changes in the threat landscape, brought about by AI, that are causing a pivot away from detection and remediation, and toward prevention. This episode is also available on Youtube. Show notes Exclusive: US officials weigh cutting deadlines to fix digital flaws amid worries over AI-powered hacking, sources say | Reuters British cyber agency warns of looming ‘patch wave' as AI speeds flaw discovery | The Record from Recorded Future News Federal agencies must patch cPanel bug by Sunday, CISA says | The Record from Recorded Future News cPanel zero-day exploited for months before patch release (CVE-2026-41940) - Help Net Security The most severe Linux threat to surface in years catches the world flat-footed - Ars Technica New MOVEit vulnerabilities prompt urgent patch warning | Cybersecurity Dive US and allies urge ‘careful adoption' of AI agents | Cybersecurity Dive careful_adoption_of_agentic_ai_services.pdf User just tricked Grok and Bankrbot to send tokens with Morse code - Cryptopolitan Finding Zero-Days with Any Model (1872) Sponsored: James Kettle built an AI hacker - YouTube Feature Interview: Nicholas Carlini, Anthropic - Risky Business Media Trellix investigating breach of source code repository | Cybersecurity Dive Popular DAEMON Tools software compromised | Securelist Komari Red: The Monitoring Tool with a Built-in Reverse Shell | Huntress Hackers earning millions from hijacked cargo, FBI says | The Record from Recorded Future News Congress punts FISA renewal to June | The Record from Recorded Future News Cops Use Apple Data And Car Bluetooth To Identify Crypto Robbery Suspect Stewart Baker, outspoken voice on cybersecurity and national security law, dies at 78 | IAPP

BigIDeas On The Go
Minisode: Who Owns AI in the Enterprise?

BigIDeas On The Go

Play Episode Listen Later May 6, 2026 9:56


AI adoption is moving faster than most security strategies can keep up, and many teams are still treating it like a contained tool instead of a shared risk.On this minisode of Ctrl + Alt + AI, host Dimitri Sirota brings together key insights from past conversations with Trevor Hughes, President of the IAPP; Heather Ceylan, SVP & Chief Information Security Officer at Box; and Aqsa Taylor, Chief Security Evangelist at Exaforce, to break down what leaders are consistently getting wrong about AI risk. Drawing from discussions with security and data experts, Dimitri connects the dots across identity, access, and data exposure to show how AI is quietly expanding the attack surface.This short-form episode focuses on the patterns emerging across organizations, from unseen AI usage to gaps in data control, and what that means for security teams trying to respond in real time.In this episode, you'll learn:Why AI adoption is happening without centralized visibilityHow data exposure increases once it enters AI systemsWhy traditional security timelines no longer match AI-driven riskThings to listen for: (00:00) Why AI risk is often underestimated (00:45) AI adoption without visibility across teams (01:30) The shift from tools to shared risk (02:20) How AI expands access to sensitive data (03:40) Why response time is now a critical gap (05:10) Patterns across recent security conversations (06:30) Data control before AI ingestion (08:00) What security leaders need to rethinkListen to the full episodes here:How AI Risks Are Changing Privacy and What Security Leaders Must Do About It feat. Trevor HughesWhy Agent Identity Is Now a Security Priority feat. Heather CeylanWhy AI Breaks Traditional Security Playbooks feat. Aqsa Taylor

Masters of Privacy
Mark Webber: a law firm's perspective on AI governance

Masters of Privacy

Play Episode Listen Later May 3, 2026 30:07


Mark Webber is the US Managing Partner responsible for overseeing the operations of Fieldfisher in the country - an English lawyer located full time in Silicon Valley. Mark is a recognised leading privacy and AI expert, with a wealth of experience working alongside the world's leading tech companies. Much of his time today involves the responsible development, training, and scaling of AI models and solutions.Our guest teaches classes for both the CIPP/E and AI Governance Professional Programme certification for the IAPP. He is a Fellow in Information Privacy (IAPP).As a leader at Fieldfisher he has been instrumental in establishing, nurturing, and expanding Fieldfisher's presence, operations and services in the United States.References:* Mark Webber on LinkedIn* Mark Webber at Fieldfisher* Colorado AI Act* DPO Central (TODO.LAW)* EU AI Act: rolling out an AI governance framework with AI Sentinel This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Serious Privacy
Royal Reports from IAPP 26 in DC

Serious Privacy

Play Episode Listen Later Apr 16, 2026 34:35


Send us Fan MailOn this episode of Serious Privacy with Paul Breitbarth, Ralph O'Brien, and Dr. K Royal, we review high points of the IAPP Summit held in Washington DC. K attended in person and connected with individuals on their take-aways and the keynote speakers - you know, just some people like Prince Harry, Salman Rushdie, and Maya Shankar (plus others, like Serious Privacy guest Prof. Woodrow Hatzog). We also extend our congratulations to Leadership Award winner Alexandra Reeve Givens (president and CEO of the Center for Democracy and Technology) and the Vanguard winners:Asia: Charmian AwEMEA: John Bowman (who announced his retirement)Latin America (including Mexico): Diego FernándezNorth America (U.S. and Canada): Shana Morgan (beloved guest)Oceania: Christopher Rogers  We also bring you a little bit of recent news. If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.

Ad Law Access Podcast
IAPP Global Privacy Summit 2026- State AI Trends, FTC Signals, California's DROP Build-Out, and the Hard Work of Cookie Compliance

Ad Law Access Podcast

Play Episode Listen Later Apr 10, 2026 10:00


What does the privacy industry's biggest conference reveal about where compliance is headed next? In this episode, we break down key takeaways from the IAPP Global Privacy Summit 2026, from the FTC's signals that remedies will be judged by whether they actually solve the harm at issue, to the rapid shift in state AI legislation toward narrower, risk-based rules focused on transparency, accountability, youth harms, and high-risk use cases. We also examine California's expanding DELETE Request and Opt-out Platform (DROP), which has already processed more than 262,000 deletion requests, and why the summit made one thing clear: in 2026, regulators increasingly expect privacy and AI compliance programs to work in practice—not just on paper. Hosted by Simone Roach. Based on a blog post by Joseph Cahill and Laura Riposo VanDruff.

InfosecTrain
Mastering US Privacy | Your CIPP/US First-Attempt Success Strategy

InfosecTrain

Play Episode Listen Later Apr 10, 2026 31:59


Privacy isn't optional anymore and neither is getting CIPP/US certified. As the gold standard in U.S. private-sector privacy, this credential is the key to navigating the complex landscape of federal and state regulations. In this session, InfosecTrain provides a high-level briefing on the frameworks that define American data protection, from the FTC's role to the shifting sands of state-level privacy acts.The course titled CIPP/US Online Training is essential for those looking to bridge the gap between technical security and the legal requirements of US privacy laws. We break down the most effective study techniques and provide a clear roadmap to help you master the material and pass the IAPP exam on your very first attempt.

Masters of Privacy
Chiara Wirz: a practical AI governance framework for in-house counsel and privacy professionals

Masters of Privacy

Play Episode Listen Later Apr 5, 2026 30:22


Chiara Wirz is a dual-admitted lawyer (California-Switzerland) who advises on privacy, AI governance, and cross-border corporate matters. She has served as Corporate Counsel and AI Ambassador at eBay Inc., where she built AI governance frameworks, operationalized AI deployment at the use case level, and trained legal and compliance professionals.Chiara holds triple IAPP certification, is completing a Professional MBA, and is Co-Chair of the WISP (Women in Security and Privacy) San Francisco Bay Area chapter. She is also an Executive Committee member of the New Lawyers Section and the Liaison of the Privacy Section of the California Lawyers Association.Our guest is a published author and conference speaker on AI governance (PLI, SCCE, California Lawyers Association).References* Chiara Wirz on LinkedIn* Women in Security and Privacy (WISP)* EU AI Act-based AI Governance (with AI Sentinel)* ISO 42001-based AI Governance (with AI Sentinel)* NIST-based AI Governance (with AI Sentinel). This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

The Big Story
Data Privacy At The Kitchen Table

The Big Story

Play Episode Listen Later Apr 2, 2026 35:50


One reason regulators are paying more attention to data privacy? Their constituents care about this "kitchen table" issue. We open with insights from attending a duo of privacy conferences this week, the IAPP summit and IAB Public Policy & Legal event. Then, we turn to how retail media is mashing up with sports, opening up new opportunities across media and ad tech.

InfosecTrain
Mastering IAPP AIGP | Roadmap to AI Governance Excellence

InfosecTrain

Play Episode Listen Later Mar 9, 2026 38:59


Is AI Governance the new "must-have" for cybersecurity professionals? As AI transitions from a luxury to a corporate mandate, the need for certified experts to manage risk and compliance is skyrocketing. In this episode, we break down everything you need to know about the IAPP AIGP certification, the globally recognized gold standard for governing artificial intelligence.Join the experts at InfosecTrain as we navigate the intersection of AI, data privacy (GDPR), and information security. Whether you are a risk manager, a privacy officer, or a tech enthusiast, this guide provides the strategy and mindset needed to master the AIGP exam and lead in the AI-driven IT service industry.Inside This Episode:The AIGP Value Proposition: Why AIGP is becoming a de facto requirement for AI governance roles.Beyond the Code: Why you don't need to be a developer to excel in AI governance.The Three Pillars: Understanding the critical intersection of Privacy, AI Governance, and Information Security.Exam Flavors & Bias: A deep dive into temporal bias, sampling bias, and how they impact regulatory compliance.Governance Models: Comparing Centralized, Decentralized, and Hybrid models for your organization.The "Black Box" Challenge: Tackling explainability and automated decision-making under GDPR.Pro Exam Tips: How to handle case studies and the mindset of an AI Risk Manager.

The Privacy Advisor Podcast
Data protection law in India and Vietnam: A discussion with Charmian Aw

The Privacy Advisor Podcast

Play Episode Listen Later Feb 27, 2026 38:37


The Asia-Pacific region is home to more than half the world's population - at 60% - with approximately 4.75 billion people. In recent years, India and Vietnam, to name just two, have enacted comprehensive data protection laws. Near the end of 2025, India finalized its highly anticipated regulations for the Digital Personal Data Protection Act and Vietnam's Personal Data Protection Law became effective on the first of January this year.    Hogan Lovells Partner Charmian Aw has long practiced in the region, specializing in APAC data protection, privacy, AI governance and cybersecurity law and offers developments of the region in the IAPP's Asia-Pacific Dashboard Digest. She also joined the IAPP Publications Advisory Board this year. While attending the UK Data Protection Intensive in London, IAPP Editorial Director Jedidiah Bracy sat down with Charmian Aw to discuss the latest developments in the region, specifically regarding India and Vietnam. Here's what she had to say. 

She Said Privacy/He Said Security
From Manual to Automated: Building Privacy Programs That Scale

She Said Privacy/He Said Security

Play Episode Listen Later Jan 8, 2026 27:13


Ron De Jesus is the Field Chief Privacy Officer at Transcend, driving practical privacy governance and industry advocacy. He previously led privacy at Grindr, Tinder, and Match Group, built global programs at Tapestry and American Express, founded De Jesus Consulting, and remains an active community leader through the IAPP and LGBTQ Privacy & Tech Network. In this episode… Privacy professionals navigate a growing web of privacy regulations and emerging technologies, yet many still rely on manual processes to manage their programs. Teams might track global requirements in spreadsheets and manually triage privacy rights requests. To scale privacy programs effectively, teams need to move beyond manual approaches. So what should privacy teams consider as they adopt automated solutions? The key to scaling privacy programs efficiently lies in embracing automation and technology that aligns with an organization's broader goals. When privacy leaders secure early buy-in from stakeholders, technology decisions are more likely to support the business beyond basic compliance needs. Teams also need clarity on what they are trying to accomplish, a thorough understanding of where their data lives, and time to evaluate how new tech fits into their existing systems and workflows. Sometimes teams expect third-party privacy tools to work out of the box and solve their compliance needs. However, that is often not the case, and why companies must review and test vendor tech solutions to ensure they accurately meet company requirements.  In this episode of She Said Privacy/He Said Security, Jodi and Justin Daniels talk with Ron De Jesus, Field Chief Privacy Officer at Transcend, about transitioning privacy programs from manual processes to automation. Ron emphasizes the importance of internal alignment when adopting privacy technology, discusses the risks of treating privacy tools as plug-and-play compliance solutions, and highlights the need for companies to review vendor tech solutions against their specific requirements and legal obligations. He also explains how the privacy community helps shape his view of how teams operationalize privacy in practice and shares his prediction for what's in store for privacy professionals in 2026.

The Data Chronicles
A new FTC era | Evolving data enforcement and the road to 2026

The Data Chronicles

Play Episode Listen Later Dec 11, 2025 38:56


What can businesses expect from the U.S. Federal Trade Commission on privacy and data enforcement as we move into 2026? In this episode of The Data Chronicles, host Scott Loughlin is joined by Cobun Zweifel-Keegan, Managing Director at the IAPP, for a practical year-end review of the FTC's 2025 enforcement priorities and what they signal for the year ahead.   Together, Scott and Cobun break down how a change in administration reshaped the agency's focus this year, with heightened attention on children's and teens' privacy, COPPA enforcement, cross-platform data collection, and growing concerns around the sale of Americans' sensitive information to foreign adversary countries. They also discuss the FTC's evolving view of privacy as both a consumer protection and national security issue.   The conversation also covers the operational and strategic impact of the FTC operating with only two sitting commissioners, and how today's enforcement posture compares with the more aggressive approach under the prior administration.

BigIDeas On The Go
Privacy Professionals on the Front Lines of AI Risk

BigIDeas On The Go

Play Episode Listen Later Nov 26, 2025 32:11


Security and privacy leaders are under pressure to sign off on AI, manage data risk, and answer regulators' questions while the rules are still taking shape and the data keeps moving. On this episode of Ctrl + Alt + AI, host Dimitri Sirota sits down with Trevor Hughes, President & CEO of the IAPP, to unpack how decades of privacy practice can anchor AI governance, why the shift from consent to data stewardship changes the game, and what it really means to “know your AI” by knowing your data. Together, they break down how CISOs, privacy leaders, and risk teams can work from a shared playbook to assess AI risk, apply practical controls to data, and get ahead of emerging regulation without stalling progress.In this episode, you'll learn:Why privacy teams already have methods that can be adapted to oversee AI systemsBoards and executives want simple, defensible stories about risk from AI useThe strongest programs integrate privacy, security, and ethics into a single strategyThings to listen for: (00:00) Meet Trevor Hughes(01:39) The IAPP's mission and global privacy community(03:45) What AI governance means for security leaders(05:56) Responsible AI and real-world risk tradeoffs(08:47) Aligning privacy, security, and AI programs(15:20) Early lessons from emerging AI regulations(18:57) Know your AI by knowing your data(22:13) Rethinking consent and data stewardship(28:05) Vendor responsibility for AI and data risk(31:26) Closing thoughts and how to find the IAPP

The Privacy Advisor Podcast
Guest pod: Alex LaCasse talks AI governance with Brenda Leong and Andrew Burt

The Privacy Advisor Podcast

Play Episode Listen Later Nov 7, 2025 27:12


As artificial intelligence continues to coalesce in the modern economy, AI governance only grows in significance. Brenda Leong, director of ZwillGen's AI division, and Andrew Burt, CEO of Luminos, have long been on the front lines of AI's emergence and busy helping organizations navigate this space.    In a first for The Privacy Advisor Podcast, we're featuring a guest host, my colleague Alex LaCasse, a staff writer here for the IAPP. LaCasse has been covering compliance technology for the IAPP in recent years and recently caught up with Leong and Burt to learn more about their work in AI governance and the strategies and tools they leverage to help companies maintain customer trust. 

Masters of Privacy
Mélissa M'Raidi-Kechichian: Canada's AI sovereignty, privacy laws, and the timing of ethical frameworks

Masters of Privacy

Play Episode Listen Later Nov 2, 2025 32:25


Mélissa M'Raidi-Kechichian is a Research and Advocacy Fellow at the Center for AI and Digital Policy. As an expert in AI policy, frameworks, and regulation, Mélissa has previously worked in the field of AI and digital policy, civic technology, and digital identity, having also held several consulting positions in the private sector and being part of the AI ethics Advisory Panel of the Canadian Digital Governance Council.Mélissa is also a social entrepreneur and civic tech practitioner working at the intersection of technology, AI regulation, and advocacy. As the founder of Activists Of Tomorrow, they focus on how digital spaces can be used by everyday people to bring meaningful and lasting change to their community. During their free time, Mélissa hosts the Activists of Tech podcast — The Responsible Tech podcast, exploring the intersection of technology and social justice.With Mélissa we are revisiting Canada after our last interviews on the country's data protection framework (over four years ago). We are this time reviewing the country's latest moves in AI policy, and the manner in which privacy or data protection affects AI.References:* Mélissa M'Raidi-Kechichian on LinkedIn* The Activists of Tech podcast — The Responsible Tech podcast* Center for AI and Digital Policy* Activists of Tech - The Responsible Tech podcast* Parliamentary discussion of Bill C27: An Act to enact the Consumer Privacy Protection Act, the Personal Information and Data Protection Tribunal Act and the Artificial Intelligence and Data Act and to make consequential and related amendments to other Acts* New privacy requirements under Quebec's Law 25 now in force (IAPP blog)* Stephan Grynwajc: A lawyer's take on EU-US data transfers and the Canadian approach (Masters of Privacy, October 2022)* Derek A. Lackey: A marketer's take on EU-US data transfers and the Canadian approach (Masters of Privacy, October 2022). This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

The Data Diva E260 - Jon Bello and Debbie Reynolds

"The Data Diva" Talks Privacy Podcast

Play Episode Listen Later Oct 28, 2025 50:53 Transcription Available


Send us a textEpisode 260 – Jon Bello: The Evolution of Privacy in the Philippines and Across AsiaIn this episode of The Data Diva Talks Privacy Podcast, Debbie Reynolds, The Data Diva, speaks with Jon Bello, Partner at MBS Law Offices and IAPP 2025 Vanguard of the Year, about how the Philippines has emerged as a regional leader in privacy and data protection. They discuss how the country transitioned from business process outsourcing compliance to a culture of national awareness, and how its unique cultural and legal frameworks continue to influence privacy in Asia. Jon explains that the Philippines was one of the first Asian nations to pass a comprehensive data privacy law after the EU Data Directive but before the GDPR. He and Debbie examine how the Filipino language lacks a direct translation for the word “privacy,” reflecting a family-centric culture that values openness and community. They explore how this cultural context has shaped attitudes toward data sharing and protection. Jon also highlights how the National Privacy Commission has creatively raised public awareness through social media, educational jingles, and outreach campaigns aimed at children.The discussion explores how the BPO industry contributed to the passage of the 2012 Privacy and Cybersecurity Laws and how many organizations now operate under three concurrent frameworks: U.S. privacy laws, such as HIPAA and PCI DSS, the Philippine Data Privacy Act, and the GDPR. Jon explains the importance of the Philippine requirement for a “privacy manual,” which goes beyond a privacy policy to define accountability and governance, as well as the legal requirement to register Data Protection Officers. Debbie and Jon also examine the region's growing focus on AI governance, including Japan's soft-law model and the Philippines' proposed registration system for high-risk AI. The episode highlights the cultural diversity and context-specific nature of Asia's privacy frameworks, underscoring their critical role in the global dialogue on privacy and technology.Support the show

Masters of Privacy
Daniel Simmons-Marengo: Differential Privacy in practice

Masters of Privacy

Play Episode Listen Later Sep 14, 2025 33:52


How can we apply differential privacy to real-world scenarios? How do you go about algorithmic design? Is there a conflict between data minimization and differential privacy? Can you solve for personal data finding its way into machine learning models? Where can a young professional find resources to dive deeper?References:* Daniel Simmons-Marengo on LinkedIn* OpenDP* Some takeaways from PEPR'24 (USENIX Conference on Privacy Engineering Practice and Respect 2024)* Damien Desfontaines: Differential Privacy in Data Clean Rooms (Masters of Privacy, January 2024)* NIST Guidelines for Evaluating Differential Privacy Guarantees (March 2025)* Peter Craddock: EDPS v SRB, the relative nature of personal data, processors, transparency, impact on MarTech and AdTech (Masters of Privacy, September 2025)* Katharine Jarmul: Demystifying Privacy Enhancing Technologies (Masters of Privacy, October 2023)* Sunny Kang: Machine Learning meets Privacy Enhancing Technologies (Masters of Privacy, February 2023)* How GDPR changes the rules for research (Gabe Maldoff, IAPP blog, 2016) This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

The Privacy Advisor Podcast
What makes an AI governance professional: A discussion with Ashley Casovan

The Privacy Advisor Podcast

Play Episode Listen Later Sep 5, 2025 45:07


Nearly a year ago, the IAPP expanded its mission in response to a rapidly changing digital environment to include AI governance, digital responsibility and cybersecurity law. The mission expansion took place a year after the IAPP hired Ashley Casovan to lead its first-ever AI Governance Center. Since then, Casovan has led the development of the center, which includes work helping to inform AI governance training and certification, a forthcoming AI governance textbook, and the AI Governance Global conferences.    Casovan came to the IAPP after leading the Responsible AI Institute as its executive director and previously worked for the Canadian government as director of data architecture and innovation.    She's currently drafting a skills competency framework for AI governance.    Situated in Montreal, Casovan trekked south to spend time at IAPP headquarters in Portsmouth, NH. While here, she and IAPP Editorial Director Jedidiah Bracy discussed the makings of an AI governance professional. What skills are required and what is she seeing in this evolving profession? Here's what she had to say. 

She Said Privacy/He Said Security
The Blueprint for a Global Privacy and Security Program

She Said Privacy/He Said Security

Play Episode Listen Later Aug 21, 2025 30:31


Robert S. Jett III (“Bob”) serves as the first Global Chief Data Privacy Officer at Bunge, where he leads global privacy initiatives and supports key projects in digital transformation, AI, and data management. With over 30 years of legal and in-house counsel experience across manufacturing, insurance, and financial services, he has built and managed global programs for compliance, data privacy, and incident response. Bob has worked extensively across IT, cybersecurity, information security, and corporate compliance teams. He holds a BA in international relations and political science from Hobart College and a JD from the University of Baltimore School of Law. Bob is active in the ACC, IAPP, Georgia Bar Privacy & Law Section, and the Maryland State Bar Association. In this episode… Managing privacy and security across multiple jurisdictions has never been more challenging for global companies, as regulations evolve and privacy, security, and AI risks accelerate at the same time. The challenge becomes particularly acute for businesses managing supply chains that span dozens of countries, where they must navigate geopolitical shifts and comply with strict employee data regulations that differ by region. These organizations also face the added complexity of governing AI tools to protect sensitive data. Navigating these challenges requires close coordination between privacy, security, and operational teams so risks can be identified quickly and addressed in real time.  A simple way global companies can address these challenges is by embedding privacy leaders into operational teams. For global companies, like Bunge, regular communication between privacy, IT, and cybersecurity teams keeps threats visible in real time, while cross-collaboration helps identify vulnerabilities and mitigate weak points. The company also incorporates environmental, social, and governance (ESG) principles into its privacy framework, using traceability to validate supply chain data and meet regulatory requirements. When it comes to managing emerging technologies like AI, foundational privacy principles apply. Companies need to establish governance for data quality, prompt management, third-party vendors, and automated tools, such as AI notetakers. These steps build transparency, reduce risk, and strengthen trust across the organization.  In this episode of She Said Privacy/He Said Security, Jodi and Justin Daniels talk with Robert “Bob” Jett, Global Chief Data Privacy Officer at Bunge, about building and leading a global privacy program. Bob emphasizes the importance of embedding privacy leadership into operational teams, like IT departments, to enable collaboration and build trust. He discusses strategies for adhering to ESG principles, managing global employee data privacy, and applying privacy fundamentals to AI governance. Bob also provides tips for responsible AI use, including the importance of prompt engineering oversight, and explains why relationship-building and transparency are essential for effective global privacy and security programs.

The Data Diva E245 - Onur Korucu and Debbie Reynolds

"The Data Diva" Talks Privacy Podcast

Play Episode Listen Later Jul 15, 2025 42:12 Transcription Available


Send us a textIn episode 245, of “The Data Diva” Talks Privacy Podcast, Debbie Reynolds talks to  Onur Korucu, a Non-Executive Director, Managing Partner, Advisory Board Member, IAPP, who brings a rare combination of legal and engineering expertise to the fields of privacy, governance, and artificial intelligence. We discuss how Onur's early fascination with cybersecurity shaped her dual career as both a technology expert and a data protection strategist. She shares insights from her work advising companies across Europe, the Middle East, and beyond on the safe and ethical deployment of AI systems. Onur emphasizes that privacy must be embedded into the foundation of AI models, not just layered on later, and that risk management must include human-centered perspectives from design through deployment.We explore the practical challenges of global compliance, how organizations struggle to keep up with the rapid pace of AI development, and the ethical dilemmas posed by technologies such as deepfakes and surveillance systems. Onur shares her vision for holistic governance frameworks that empower privacy professionals, policymakers, and engineers to work collaboratively. She also discusses the role of education, mentorship, and community support in building resilience within the data protection profession. This episode offers a global perspective on the convergence of AI and privacy, expressing hope for an ethical digital future where transparency, accountability, and human oversight are not optional but essential, and this is also reflected in Data Privacy in the future.Support the show

Cybercrime Magazine Podcast
Top Cybersecurity Industry Associations. IAPP - International Association of Privacy Professionals.

Cybercrime Magazine Podcast

Play Episode Listen Later Jun 20, 2025 0:53


Looking to network in the cybersecurity world? Fortunately, there's no shortage of industry associations to choose from. Today, we're putting the spotlight on the IAPP, or International Association of Privacy Professionals. The IAPP is a resource for professionals who want to develop and advance their careers by helping their organizations successfully manage these risks and protect their data. They provide members with the tools, resources, training, credentials and networking needed to thrive in today's rapidly evolving digital economy. To learn more, visit https://IAPP.org.

international association associations iapp privacy professionals cybersecurity industry
Masters of Privacy (ES)
Henry Velasquez: roles, metas y adecuación normativa en el uso de Data Clean Rooms - arranca la Data Clean Room Alliance

Masters of Privacy (ES)

Play Episode Listen Later Jun 2, 2025 34:08


¿Hemos encontrado la fórmula ganadora para el aprovechamiento de los datos “de primera parte” (1st-party data)? ¿Qué desafíos presentan los Data Clean Rooms? ¿Qué es la DCRA? Henry Velasquez es Global DPO para el sur de Europa y LATAM en el Grupo Publicis, abogado especializado en tecnología y protección de datos, y miembro del Consejo Asesor de la IAPP. A todo ello suma además ahora ser co-fundador de la Data Clean Room Alliance de la que hablaremos hoy. También es profesor asociado en varias instituciones como la Universidad Complutense de Madrid, la IAPP, la IAB, el Data Privacy Institute, ISMS Forum, el Colegio de Abogados de Madrid y otros, además de colaborador en publicaciones especializadas.  Referencias: Henry Velasquez en LinkedIn Data Clean Room Alliance Henry Velasquez: Retail Media y Data Clean Rooms en acción (Masters of Privacy, 2023) Nicola Newitt: The legal case for Data Clean Rooms (Masters of Privacy) EDPB Guidelines on targeting of social media users Enrique Extremera: Aspectos legales de los Data Clean Rooms (Masters of Privacy, 2022) Silvia Ruiz y Henry Velásquez: el rol del DPO en la agencia de medios (Masters of Privacy, 2021)  

Serious Privacy
Retro Week in Privacy - So much to Cover!

Serious Privacy

Play Episode Listen Later May 22, 2025 32:54


Send us a textOn this week of Serious Privacy, Paul Breitbarth, and Dr. K Royal (Ralph O'Brien was traveling), we cover a wild wrap up of privacy activities, including Tom Kemp as the newly appointed head of the California Consumer Privacy Protection Agency, and a wide sweep of enforcement actions including Roku, Honda Motor Company, National Public Data, Tom Snyder, plus class actions against Insomnia and Pill Pack, and a reprimand sent to Deep Seek, IAPP's state privacy law tracker update, California is seeking public feedback on proposed regulations for the delete request and opt-out platform - the DROP system, CNIL's guidance on monitoring self-checkouts, and Meta's request for a court to invalidate the EDPB guidance (can't do it, it's not a law) and Belgium's new law plus quite a bit more. We are packed with news.Please subscribe in your favorite podcast app - sharing is caring!  Powered by TrustArcSeamlessly manage your privacy program, assess risks, and stay up to date on laws across the globe.With TrustArc's Privacy Studio and Governance Suite, you can automate cookie compliance, streamline data subject rights, and centralize your privacy tasks—all while reducing compliance costs. Visit TrustArc.com/serious-privacy.If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.

Serious Privacy
Indescribably Intuitive: Indigenous Privacy

Serious Privacy

Play Episode Listen Later May 14, 2025 36:46


Send us a textOn this episode of @SeriousPrivacy, hosts Paul Breitbarth and Dr. K Royal (Ralph wasn'  able to join us in DC) catch up with Tahu Kukutai, Professor, The University of Waikato; Jade Makory, CIPP/E, CIPM, CIPT, FIP, Legal and Advocacy Director, Data Analytics Kenya, and Privacy Expert, PwC (on Sabbatical); and Shana Morgan, AIGP, CIPP/E, CIPM, FIP, Global Head of AI / Privacy, L3Harris Technologies - just after the first IAPP panel on indigenous privacy at GPS25 (moderated by Shoshana Rosenberg). Fabulous and enlightening.   Powered by TrustArcSeamlessly manage your privacy program, assess risks, and stay up to date on laws across the globe.With TrustArc's Privacy Studio and Governance Suite, you can automate cookie compliance, streamline data subject rights, and centralize your privacy tasks—all while reducing compliance costs. Visit TrustArc.com/serious-privacy.If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.

Serious Privacy
A week in privacy with Ralph and K

Serious Privacy

Play Episode Listen Later May 8, 2025 23:15


Send us a textOn this week of Serious Privacy,  Ralph O'Brien of Reinbo Consulting, and Dr. K Royal connect to cover a week in privacy as Paul Breitbarth is away. This weeks shorter episode includes a guide to what's coming up from Serious Privacy at IAPP summit in DC, a penalty from the UK ICO, EDPB draft Guidance on blockchain, state laws, enforcement actions, and more!Please subscribe in your favorite podcast app - sharing is caring! Some resourceshttps://ico.org.uk/about-the-ico/media-centre/news-and-blogs/2025/04/law-firm-fined-60-000-following-cyber-attack/https://www.edpb.europa.eu/news/news/2025/edpb-adopts-guidelines-processing-personal-data-through-blockchains-and-ready_enhttps://iapp.org/resources/article/us-state-privacy-legislation-tracker/#state-privacy-law-chart Powered by TrustArcSeamlessly manage your privacy program, assess risks, and stay up to date on laws across the globe.With TrustArc's Privacy Studio and Governance Suite, you can automate cookie compliance, streamline data subject rights, and centralize your privacy tasks—all while reducing compliance costs. Visit TrustArc.com/serious-privacy.If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.

Serious Privacy
A week in privacy plus Summit Day 2 recap

Serious Privacy

Play Episode Listen Later May 3, 2025 41:34


Send us a textOn this week of Serious Privacy, Paul Breitbarth, Ralph O'Brien of Reinbo Consulting, and Dr. K Royal have a short week in privacy (a lot about #Meta and children using #AI) along with some updates on the IAPP #GPS25 where we learned that it was all about the people, such as our friends at TrustArc, Ben Siegal, Dan Solove, and so many others. Please subscribe in your favorite podcast app - sharing is caring!  Powered by TrustArcSeamlessly manage your privacy program, assess risks, and stay up to date on laws across the globe.With TrustArc's Privacy Studio and Governance Suite, you can automate cookie compliance, streamline data subject rights, and centralize your privacy tasks—all while reducing compliance costs. Visit TrustArc.com/serious-privacy.If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.

She Said Privacy/He Said Security
Top Takeaways From IAPP GPS 2025 and Atlanta AI Week

She Said Privacy/He Said Security

Play Episode Listen Later May 1, 2025 19:07


Jodi Daniels is the Founder and CEO of Red Clover Advisors, a privacy consultancy, that integrates data privacy strategy and compliance into a flexible, scalable approach that simplifies complex privacy challenges. A Certified Information Privacy Professional, Jodi brings over 27 years of experience in privacy, marketing, strategy, and finance across diverse sectors, working and supporting startups to Fortune 500 companies. Jodi Daniels is a national keynote speaker, and she has also been featured in CNBC, The Economist, WSJ, Forbes, Inc., and many more publications. Jodi holds a MBA and BBA from Emory University's Goizueta Business School. Read her full bio. Justin Daniels is a corporate attorney who advises domestic and international companies on business growth, M&A, and technology transactions, with over $2 billion in closed deals. He helps clients navigate complex issues involving data privacy, cybersecurity, and emerging technologies like AI, autonomous vehicles, blockchain, and fintech. Justin partners with C-suites and boards to manage cybersecurity as a strategic enterprise risk and leads breach response efforts across industries such as healthcare, logistics, and manufacturing.  A frequent keynote speaker and media contributor, Justin has presented at top events including the RSA Conference, covering topics like cybersecurity in M&A, AI risk, and the intersection of privacy and innovation. Together, Jodi and Justin host the top ranked She Said Privacy / He Said Security Podcast and are authors of WSJ best-selling book, Data Reimagined: Building Trust One Byte at a Time. In this episode… From a major privacy summit to a regional AI event, experts across sectors are emphasizing that regulatory scrutiny is intensifying while AI capabilities and risks are accelerating. State privacy regulators are coordinating enforcement efforts, actively monitoring how companies handle privacy rights requests and whether cookie consent platforms work as they should. At the same time, AI tools are advancing rapidly with limited regulatory oversight, raising serious ethical and societal concerns. What practical lessons can businesses take from IAPP's 2025 Global Privacy Summit and Atlanta's AI Week to strengthen compliance, reduce risk, and prepare for what's ahead? At the 2025 IAPP Global Privacy Summit, a major theme emerged: state privacy regulators are collaborating on enforcement more closely than ever before. When it comes to honoring privacy rights, this collaboration spans early inquiry stages through active enforcement, making it critical for businesses to establish, regularly test, and monitor their privacy rights processes. It also means that companies need to audit cookie consent platforms regularly, ensure compliance with universal opt-out signals like the Global Privacy Control, and align privacy notices with actual practices. Regulatory enforcement advisories and FAQs should be treated as essential readings to stay current on regulators' priorities. Likewise at the inaugural Atlanta AI Week, national security and ethical concerns came into sharper focus. Despite promises of localized data storage, some social media platforms and apps continue to raise alarms over foreign governments' potential access to personal data. While experts encourage experimentation and practical application of AI tools, they are also urging businesses to remain vigilant to threats such as deepfakes, AI-driven misinformation, and the broader societal implications of unchecked AI development. In this episode of She Said Privacy/He Said Security, Jodi Daniels, Founder and CEO of Red Clover Advisors, and Justin Daniels, Shareholder and Corporate Attorney at Baker Donelson, share their top takeaways from the IAPP Global Privacy Summit 2025 and the inaugural Atlanta AI Week. Jodi highlights practical steps for improving privacy rights request handling, the importance of regularly testing cookie consent management platforms, and ensuring published privacy notices reflect actual practices. Justin discusses the ethical challenges surrounding AI's rapid growth, the national security risks tied to social media platforms, and the dangers posed by deepfake technology. Together, Jodi and Justin emphasize the importance of continuous education, collaboration, and proactive action to prepare businesses for the future of privacy and AI.

Privacy Please
S6, E240 - From IAPP Insights to Security Challenges: What Really Matters

Privacy Please

Play Episode Listen Later Apr 30, 2025 13:45 Transcription Available


Send us a textCameron and Gabe return after a brief hiatus to explore major developments in security, privacy, and resilience. They dive into insights from the IAPP conference and VeeamOn, examining how AI governance and outdated privacy tools are reshaping the industry landscape.• AI governance frameworks dominated IAPP discussions with companies "building the plane as they're flying"• Verizon's Data Breach Report debunks overblown AI security fears, showing real risks are data leakage and poor access controls• Growing frustration with outdated privacy management tools is driving demand for better solutions• Security posture isn't about using recognized brands but about architecture without dangerous gaps• Sam Altman's virtual appearance at IAPP disappointed attendees expecting an in-person keynoteStay tuned for our bonus episode covering even more developments from this busy week in privacy and security! Support the show

Masters of Privacy (ES)
Laura Juanes: el impacto de la inteligencia artificial sobre la ciberseguridad, derecho comparado y capacitación

Masters of Privacy (ES)

Play Episode Listen Later Apr 29, 2025 42:26


Laura Juanes es jurista especializada en protección de datos personales, gobernanza de inteligencia artificial y derechos humanos en el entorno digital, con más de veinte años de experiencia internacional, y es directora académica del programa avanzado de gestión de incidentes de ciberseguridad en el contexto de la inteligencia artificial (IE Law School).  Laura está basada en Miami y es fundadora de Global Privacy & Policy Consulting, donde asesora a empresas sobre desafíos tecnológicos y regulatorios, forma parte del Consejo de Administración de Caixabank Payments & Consumer y del Consejo Asesor del Ethical AI Governance Group. Laura ha liderado funciones globales de protección de datos personales, cumplimiento y gobernanza digital en Yahoo! y Meta, y también en grupos internacionales en otros sectores como RBI (dueños de Burger King). Ha sido ponente en foros como el G-20, el Foro Económico Mundial, la OEA, la Asamblea Global de Privacidad y la IAPP.  Nuestra invitada es licenciada en Derecho por la Universidad Autónoma de Madrid y tiene un LLM por la Universidad de Miami. Ha co -fundado el Women in Tech Miami Council y colabora como mentora de startups en Florida y América Latina. Referencias: Laura Juanes en LinkedIn IE Law School: Managing Cyber Incidents in an AI Driven World (Advanced Legal Program) Ethical AI Governance Group Women in Tech Miami Council  

The Privacy Advisor Podcast
Privacy in the age of robotics: A discussion with Erin Relford

The Privacy Advisor Podcast

Play Episode Listen Later Apr 25, 2025 36:48


Autonomous robots with embedded artificial intelligence are growing more common across industry sectors. So-called “embodied AI,” collects vast amounts of data through its sensors and changes how humans interact with technology. As embodied AI becomes more common and continues to drive innovation, it also creates new challenges for ethical uses of data and personal privacy. Erin Relford is a privacy engineer at Google and has worked in the embodied AI space. In a recent article for the IAPP, she wrote that “existing privacy mitigations may be insufficient for human-robot interactions.” That's why she helped create a robotics privacy framework to “promote privacy-preserving design” in the “responsible deployment of robotics with embedded AI. IAPP Editorial Director Jedidiah Bracy caught up with Erin to discuss her work in this vanguard space.

The Road to Accountable AI
Ashley Casovan: From Privacy Practice to AI Governance

The Road to Accountable AI

Play Episode Listen Later Apr 24, 2025 38:29 Transcription Available


Professor Werbach talks with Ashley Casavan, Managing Director of the AI Governance Center at the IAPP, the global association for privacy professional and related roles. Ashley shares how privacy, data protection, and AI governance are converging, and why professionals must combine technical, policy, and risk expertise. They discuss efforts to build a skills competency framework for AI roles and examine the evolving global regulatory landscape—from the EU's AI Act to U.S. state-level initiatives. Drawing on Ashley's experience in the Canadian government, the episode also explores broader societal challenges, including the need for public dialogue and the hidden impacts of automated decision-making. Ashley Casovan  serves as the primary thought leader and public voice for the IAPP on AI governance. She has developed expertise in responsible AI, standards, policy, open government and data governance  in the public sector at the municipal and federal levels. As the director of data and digital for the government of Canada, Casovan previously led the development of the world's first national government policy for responsible AI. Casovan served as the Executive Director of the Responsible AI Institute, a member of OECD's AI Policy Observatory Network of Experts, a member of the World Economic Forum's AI Governance Alliance, an Executive Board Member of the International Centre of Expertise in Montréal on Artificial Intelligence and as a member of the IFIP/IP3 Global Industry Council within the UN. Transcript Ashley Casovan IAPP IAPP AI Governance Profession Report 2025 Global AI Law and Policy Tracker Mapping and Understanding the AI Governance Ecosystem

Serious Privacy
The 30 Year Plan: Live from IAPP GPS25

Serious Privacy

Play Episode Listen Later Apr 24, 2025 32:19


Send us a textWe are a little late this week, but with good reason: Paul Breitbarth and Dr. K Royal were attending the IAPP Global Privacy Summit in Washington D.C. and bring you their report from the Opening General Session of the conference. The speakers during this session were professor Lawrence Lessig, Hans Peter Brøndmo and Catie Cuan, each reflecting on 25 years of IAPP and what is next for us privacy professionals. Apparently: it's robots! Powered by TrustArcSeamlessly manage your privacy program, assess risks, and stay up to date on laws across the globe.With TrustArc's Privacy Studio and Governance Suite, you can automate cookie compliance, streamline data subject rights, and centralize your privacy tasks—all while reducing compliance costs. Visit TrustArc.com/serious-privacy.If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.

She Said Privacy/He Said Security
From Principle to Practice: What Privacy Pros Need to Succeed

She Said Privacy/He Said Security

Play Episode Listen Later Apr 17, 2025 34:03


Peter Kosmala is a course developer and instructor at York University in Canada and leads its Information Privacy Program. Peter is a former marketer, technologist, lobbyist, and association leader and a current consultant, educator, and international speaker. He served the IAPP as Vice President and led the launch of the CIPP certification in the early 2000s. In this episode… As data privacy continues to evolve, privacy professionals need to stay sharp by reinforcing their foundational knowledge and refining their practical skills. It's no longer enough to just understand and comply with regulatory requirements. Today's privacy work also demands cultural awareness, ethical judgment, and the ability to apply privacy principles to real-world settings. How can privacy professionals expand their expertise and remain effective in an ever-changing environment? Privacy professionals can't rely on legal knowledge alone to stay ahead. Privacy frameworks like the Fair Information Practice Principles (FIPPs), OECD Guidelines, and others offer principles that help privacy pros navigate shifting global privacy laws and emerging technologies. Privacy pros should also deepen their cultural literacy, recognizing the societal and political drivers behind laws like GDPR to align privacy practices with public expectations. Hands-on operational experience is just as important. Conducting privacy impact assessments (PIAs), responding to data subject access requests (DSARs), and developing clear communications are just a few ways privacy pros can turn knowledge into practical applications. In this episode of She Said Privacy/He Said Security, Jodi and Justin Daniels talk with Peter Kosmala, Course Developer and Instructor at York University, about how privacy professionals can future-proof their skills. Peter discusses the value of foundational privacy frameworks, the tension between personalization and privacy, the limits of law-based compliance, and the growing need for ethical data use. He also explains the importance of privacy certifications, hands-on learning, and principled thinking to build programs that work in the real world.

The Privacy Advisor Podcast
On privacy and technology with Dan Solove

The Privacy Advisor Podcast

Play Episode Listen Later Mar 14, 2025 47:08


Privacy law and technological advancements have a deep and intertwined history that go back to at least the 1890s with Samuel Warren and Louis Brandeis's article "The Right to Privacy," which was prompted by camera technology. George Washington University Law Professor Dan Solove has long studied and written about privacy law. He published several well-known books including "Nothing to Hide: The False Trade Off Between Privacy and Security" and co-authored "Privacy Law Fundamentals," which is published by the IAPP. Solove recently published a new book, "On Privacy and Technology." IAPP Editorial Director Jedidiah Bracy caught up with Solove just before the book was published to discuss it and whether the regulation-versus-innovation trade-off is a fallacy, why the notice-and-choice paradigm hasn't worked for consumers, and where the future will take privacy, AI, and cybersecurity law and regulation.

ai technology security privacy iapp louis brandeis samuel warren
Serious Privacy
The Volatile Side of Privacy & Data Protection (with Joe Jones)

Serious Privacy

Play Episode Listen Later Mar 5, 2025 30:08


Send us a textOn this week of Serious Privacy, Paul Breitbarth, Ralph O'Brien of Reinbo Consulting, were off (busy with professional lives), so Dr. K Royal connected with Joe Jones of the IAPP, Director of Research and Insights. They discuss how Joe got started in privacy - building from international trade as a lawyer and then BAM! Out came the GDPR, Joe then migrated to the #UK government, and quickly into the #IAPP, moving to the US about two years ago.Please subscribe in your favorite podcast app - sharing is caring!  Powered by TrustArcSeamlessly manage your privacy program, assess risks, and stay up to date on laws across the globe.With TrustArc's Privacy Studio and Governance Suite, you can automate cookie compliance, streamline data subject rights, and centralize your privacy tasks—all while reducing compliance costs. Visit TrustArc.com/serious-privacy.If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.

Masters of Privacy
Mark Jaffe (Rivian): connected cars, assisted driving, and Privacy by Design

Masters of Privacy

Play Episode Listen Later Mar 2, 2025 35:02


What is the best way to address privacy risks in the context of connected cars? Is data minimization compatible with assisted driving? What is the meaning of “Core Vehicle Data”? Mark Jaffe leads the Rivian ethics, compliance and privacy program. This includes ethical culture, compliance oversight, privacy, and investigations.  Prior to joining Rivian, Mark was Senior Vice President for Privacy at Teleperformance, a global business process outsourcer with over 400,000 employees operating in over 80 countries, spending almost two years in Singapore managing privacy issues in the Asia Pacific region. He has also dealt with data protection compliance in Europe, Middle East, and Africa.  Prior to that, Mark spent 17 years at AT&T in global privacy roles as well as global compliance and ethics roles. Our guest is a frequent speaker on a variety of topics related to privacy compliance and data ethics. Mark earned his B.A., cum laude, from Duke University and his J.D., cum laude, from Northwestern University.  References: Mark Jaffe on LinkedIn Rivian's Privacy Hub FTC bans General Motors from selling driving data without permission, adding to case for CarPlay 2 (9to5Mac, January 2025) 800,000 EV drivers' data exposed in Volkswagen breach (The Register, January 2025) Privacy Not Included, a Mozilla Report about connected cars and privacy (“It's Official: Cars Are the Worst Product Category We Have Ever Reviewed for Privacy”, September 2023) Investigation by Netherlands' DPA prompts changes to Tesla security cameras (IAPP, 2023) Tesla workers shared sensitive images recorded by customer cars (Reuters, 2022) Privacy4Cars  

The Good Practice Podcast
Episode 433 – What does ‘AI literacy' look like in organizations?

The Good Practice Podcast

Play Episode Listen Later Feb 25, 2025 39:30


The World Economic Forum's recent ‘Future of Jobs' report positioned ‘AI and big data' and ‘technological literacy' as skills that will become increasingly important over the next five years. But what do these skills look like in practice? What do we mean when we talk about ‘AI literacy'?  In this week's episode of The Mindtools L&D Podcast, Ross D and Anna are joined by Erica Werneman Root, legal consultant and co-founder of Knowledge Bridge, to discuss:  what ‘AI literacy' means in different contexts;  the compliance implications of building AI literacy in organizations;  how L&D can help employees develop AI skills.  To find out more about AI literacy, check out Erica's recent articles for IAPP.  For examples of how organizations are building AI literacy programmes, explore the AI Office's ‘Living Repository of AI Literacy Practices'.  The blog Anna mentioned was ‘From Centaurs To Cyborgs: Our evolving relationship with generative AI'   In ‘What I Learned This Week', Anna referenced research from Harvard, exploring the effects of AI on knowledge work.  Ross D mentioned OpenAI's new ‘Deep Research' tool. More trivially, he also shared Pierre Franey's five-star recipe for turkey chilli.  For more from us, visit mindtools.com. There, you'll also find details of our award-winning performance support toolkit, our off-the-shelf e-learning, and our custom work.    Connect with our speakers     If you'd like to share your thoughts on this episode, connect with us on LinkedIn:  Ross Dickie  Anna Barnett  Erica Werneman Root 

Cyber Law Revolution
Ep. 92 The Value of Cyber Conferences and Unforeseen Consequences of Vendor Breaches

Cyber Law Revolution

Play Episode Listen Later Feb 23, 2025 9:13


In this episode, we discuss the value of cyber conferences (shout out to NetDiligence, Zywave, IAPP, PLUS, Execusummit, and all the others I missed). Specifically, beyond the sessions, how the conversations in the background help grow understanding of legal, market, and security trends, collaboration, and genuine connections in the industry. I can't neglect a special shout-out to meeting Shawn Melito in a buffet line at a Zywave conference in 2019, discussing the pros and cons of pasta salad. Further, we dive into the unforeseen consequences of mass-scale vendor breaches. Is the market ready for a vendor to throw its hands up, declare bankruptcy, and push all notification obligations to its insureds? Is the market ready for the mass-scale class actions that would follow? Do insurers need to start thinking about sublimit for these types of events? I would love to get everyone's thoughts so keep the questions, calls, and comments coming! E-mail me at spollock@mcdonaldhopkins.com or call me at 410-917-5189. 

CallumConnects Podcast
Punit Bhatia - My biggest hurdle as a leader.

CallumConnects Podcast

Play Episode Listen Later Feb 9, 2025 3:06


Punit Bhatia is a knowledgeable and fascinating expert source who can speak to the media about all aspects of data security, privacy, and how they intersect with AI. A recognized thought leader, Punit is a global speaker who has spoken at over 50 events around the world. He is also the author of four industry important books - “Be Ready for GDPR” , “AI & Privacy,' “Be An Effective DPO,” and “Intro To GDPR.” Globally known as one of the world's leading privacy experts, Punit helps businesses create a culture of privacy by establishing a privacy network and training management. Working with professionals in over 30 countries, Punit empowers CXOs and DPOs to identify and manage privacy risks, and to create and implement privacy strategies in a world that is digital, AI-driven, and has data in the cloud. The founder and owner of FIT4PRIVACY, a brand of the Ek Advisory company, Punit is also a board member at ISACA Belgium Chapter and DPO Circle. In the past, he served as a Training Advisory Board member at IAPP. Punit is a certified Fellow in Information Privacy (FIP), CIPM, COP, and CIPP-E. Punit is also the host /creator of the FIT4PRIVACY Podcast which has been ranked amongst the top GDPR podcasts since 2020. Website: http://www.fit4privacy.com/ LinkedIn: https://www.linkedin.com/in/punitbhatia/ Instagram: https://www.instagram.com/punit.world/ Youtube: https://www.youtube.com/fit4privacy Facebook: https://www.facebook.com/FIT4privacy/ Podcast: https://www.fit4privacy.com/podcast CallumConnects Micro-Podcast is your daily dose of wholesome leadership inspiration. Hear from many different leaders in just 5 minutes what hurdles they have faced, how they overcame them, and what their key learning is. Be inspired, subscribe, leave a comment, go and change the world!

Masters of Privacy
Alex Dittel: recent developments in Australian data privacy

Masters of Privacy

Play Episode Listen Later Feb 3, 2025 26:49


Alex Dittel leads KHQ's Data Privacy, Cyber and Digital legal practice. He brings over 15 years of experience in data protection, information security and technology commercial matters acquired during his time working for big and small technology companies and law firms in the United Kingdom and Australia. As a passionate GDPR-native data privacy lawyer, he advises on Australian as well as international data privacy matters. He holds CIPP/A, CIPP/E and CIPP/US certifications from the IAPP. References: Alexander Dittel on LinkedIn KHQ: Data Privacy, Cyber and Digital Alex Dittel: OAIC's decision a warning re use of facial recognition technology First Tranche of Australia's Privacy Law reforms explained (Association of Corporate Counsel)  

Leadership LIVE @ 8:05! Podcast - Talking Small Business
3 Things Business Owners Don't Know That Can Hurt Them

Leadership LIVE @ 8:05! Podcast - Talking Small Business

Play Episode Listen Later Jan 29, 2025 66:06


3 Things Business Owners Don't Know That Can Hurt Them is covered in this podio, along with the following subjects: - What is the Corporate Transparency Act - How does it impact small business owners? - Why Small Businesses Must Prioritize Compliance and Cybersecurity *************************************** Many business owners may not be aware of the Corporate Transparency Act and its potential impact on small businesses. This act aims to combat money laundering and terrorism financing by requiring certain small businesses to report their beneficial ownership information to the Financial Crimes Enforcement Network (FinCEN). Small business owners must understand how this legislation affects them to ensure compliance and avoid any penalties. I'll be talking with Paul Paray about 3 Things Business Owners Don't Know That Can Hurt Them. Paul has a diverse legal and business background that includes, creating resilient security and privacy compliance programs – including one for an auto insurer; successfully prosecuting intellectual property portfolios; successfully litigating federal and state commercial disputes around the country, and helping small and mid-sized business owners navigate numerous risk management issues. To that end, he has been invited to speak at leading conferences to discuss risk management, including RSA, IAPP, RIMS and PLUS, and has been interviewed regarding risk management by the National Law Journal, Business Insurance, CFO Magazine, ComputerWorld, SC Magazine, Security Management, The Financial Post, The Hartford Business Journal, The Newark Star-Ledger, New Jersey Law Journal, and The New York Times. He can be reached via email at paul@licenz.com.

The FIT4PRIVACY Podcast - For those who care about privacy
Provide Choice, Control & Consent to Create Trust with Katrina Destree and Punit Bhatia in the FIT4PRIVACY Podcast E130 S06

The FIT4PRIVACY Podcast - For those who care about privacy

Play Episode Listen Later Jan 16, 2025 26:56


How can organizations build a true digital trust environment while balancing privacy with user expectations? In this eye-opening episode of the FIT4PRIVACY Podcast, privacy and sustainability expert Katrina Destree and privacy thought leader Punit Bhatia discuss the evolving landscape of digital trust—a crucial factor for organizations in the age of data-driven technologies. Learn how businesses can proactively create choice, control, and consent around user data to establish a strong foundation of trust with their customers. 

Serious Privacy
Brussels State of Mind

Serious Privacy

Play Episode Listen Later Nov 29, 2024 31:57


Send us a textMid November is the time of the year where the data protection community comes together in Brussels for the annual IAPP Data Protection Congress. Paul Breitbarth and Dr. K Royal were not able to join this year, but our third host Ralph O'Brien was in town, and has grabbed some people in between sessions for interviews. This week on Serious Privacy, you get his report. Listen to Ralph's conversations with Jim Campbell, Robert Baugh, Matteo Colombo and Rossana Baldon, and Andreea Lisievici Nevin.Edited by Fey O'Brien. If you have comments or questions, find us on LinkedIn and IG @seriousprivacy, and on Blue Sky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! Proudly sponsored by TrustArc. Learn more about NymityAI at https://trustarc.com/nymityai-beta/ #heartofprivacy #europaulb #seriousprivacy #privacy #dataprotection #cybersecuritylaw #CPO #DPO #CISO

Careers in Data Privacy
Scott M. Giordano: Partner and co-founder at The CISO Law Firm

Careers in Data Privacy

Play Episode Listen Later Nov 25, 2024 36:27


On today's podcast, I am chatting with Scott, We will talk about his many jobs, there's a lot! In college, Scott studied Business Administration, He was on the advisory board overseeing IAPP certifications!

Resilient Cyber
Resilient Cyber w/ Jim Dempsey - Navigating the Cyber Regulatory Landscape

Resilient Cyber

Play Episode Listen Later Nov 18, 2024 56:54


In this episode, we sit with the return guest, Jim Dempsey. Jim is the Managing Director of the Cybersecurity Law Center at IAPP, Senior Policy Advisory at Stanford, and Lecturer at UC Berkeley. We will discuss the complex cyber regulatory landscape, where it stands now, and implications for the future based on the recent U.S. Presidential election outcome.We dove into a lot of topics including:The potential impact of the latest U.S. Presidential election, including the fact that while there are parallels between Trump's first term and Joe Biden's, there are also key differences. We're likely to see a deregulatory approach related to commercial industry and consumer tech but much more alignment and firm stances related to cyber and national security.The future of efforts around Software Liability and Safe HarborContrasted differences between the EU's tech regulatory efforts and the U.S. The U.S. has taken a much more voluntary approach. While Jim is an advocate of regulation and thinks it is needed, he simply cannot get behind the heavy-handed approach of the EU and suspects it will continue to widen the tech gap between the U.S. and the EU.What is the potential for regulatory harmonization and the challenges due to the unique aspects of each industry, vertical, data types, and more.Jim leads the recently formed IAPP Cybersecurity Law CenterHe is also the author of the book Cybersecurity Law Fundamentals, Second Edition.

Serious Privacy
The Times They Are a-Changin'

Serious Privacy

Play Episode Listen Later Oct 1, 2024 38:24


Send us a textOn this week of Serious Privacy, Paul Breitbarth and Dr. K Royal discuss recent developments in privacy and data protection laws around the world. They talk about the new European Commission that will take office later this year, the revamp of the IAPP, mobile app compliance guidelines from the CNIL, the Global Privacy Assembly in Jersey, and much more. If you have comments or questions, find us on LinkedIn and IG @seriousprivacy @podcastprivacy @euroPaulB @heartofprivacy and email podcast@seriousprivacy.eu. Rate and Review us! Proudly sponsored by TrustArc. Learn more about NymityAI at https://trustarc.com/nymityai-beta/ #heartofprivacy #europaulb #seriousprivacy #privacy #dataprotection #cybersecuritylaw #CPO #DPO #CISO