Himalaya: Listen. Learn. Grow.

4.8K Ratings
Open In App
title

GDPR Now!

Karen Heaton/Data Protection 4 Business

0
Followers
0
Plays
GDPR Now!

GDPR Now!

Karen Heaton/Data Protection 4 Business

0
Followers
0
Plays
OVERVIEWEPISODESYOU MAY ALSO LIKE

Details

About Us

GDPR Now! is brought to you by Data Protection 4 Business and Thisisdpo! Our podcast is about GDPR and all things related to data security and privacy. Our episodes provide insightful information for business leaders and privacy professionals alike. The hosts are joined by a range of fantastic guests to discuss the latest news, developments, and trends within data security and privacy. Each episode will be devoted to a specific theme and will feature one or more experts talking about an issue of relevance to the industry. Whether you're a business owner or manager, privacy expert, a privacy beginner or you just want to know more, this is the podcast for you!

Latest Episodes

The end of the EU-US Privacy Shield. Now what?

Today we depart from the corornavirus related stories to bring you an update on the landmark ruling from the European Court of Justice on the EU - US Privacy Shield. The decision by the ECJ on 16th July 2020, to invalidate the EU - US Privacy Shield has sent shockwaves across organisations in the EU and US. We are joined by fellow host, Mark Sherwood-Edwards, lawyer, data protection specialist and founder of ThisisDPO. Mark has read the judgement and is going to talk to us today about what it means for data protection, for businesses and for DPO’s. GDPR Now! Is brought to you by Data Protection 4 Business & This Is DPO. www.dpo4business.co.uk www.thisisdpo.co.uk. Guest Mark Sherwood-Edwards Founder ThisisDPO www.thisisdpo.co.uk

37 MIN2 w ago
Comments
The end of the EU-US Privacy Shield. Now what?

How do you know if your data has been compromised?

This episode is part of our series of updated podcasts addressing security & privacy concerns resulting from the coronavirus pandemic and the shift in working practises for millions of businesses across the UK and the world. In this episode we are delighted to have Andrew Alston, founding director at Breach Aware and Business intelligence Theoroms. Andrew talks to us about Breach Aware which is a data breach monitoring and reporting application designed to help organisations detect and prevent crime, as part of their system of risk management. The solution can be used for SME's and individuals as well as large organisations. Andrew and his team pride themselves in offering this solution at affordable rates for SME's. GDPR Now! Is brought to you by Data Protection 4 Business & This Is DPO. www.dpo4business.co.uk www.thisisdpo.co.uk. Guest Andrew Alston Founding Director Breach Aware Andrew@BITs.CompanySpecial Guest: Andrew Alston.

21 MINJUL 8
Comments
How do you know if your data has been compromised?

Whose data is it anyway? Impact on track and track apps

This episode is part of our series of updated podcasts addressing security & privacy concerns resulting from the coronavirus pandemic and the shift in working practises for millions of businesses across the UK and the world. In this episode, we are going discuss personal data in detail and explore the question of: whose data is it anyway? And what are we prepared to tolerate regarding track and trace programmes as governments around the world implement track and track apps. To discuss this we are delighted to have Phil Brown, The Norfolk Data Protection Mardler, who advices clients in Norfolk on data protection. _Please note: Phil makes reference to the need for self reporting but would like to clarify that in the NHS Test and Trace scheme, an NHS Tracker will only contact individuals who have tested positive for Covid19. Whether someone should be tested at all is heavily dependent on self reporting. Furthermore, responses to a possible request to us to identify those with whom we may have had recent close contact is based on our ‘civic duty’ rather than a legal requirement - so it’s very much down to our willingness or judgment to do so. GDPR Now! Is brought to you by Data Protection 4 Business & This Is DPO. www.dpo4business.co.uk www.thisisdpo.co.uk. Guest/s Phil Brown Data Protection Consultant pa@datamardler.co.uk Phil is an independent data protection consultant based in North Norfolk and has provided data protection advice and support to a wide variety of industries across Norfolk and beyond, mostly to small businesses. Prior to that, Phil had a 20 year career as a military communications officer which was then followed by 12 years in the world of mobile phone standardisation, mostly consulting for a Japanese mobile phone operator. During the latter phase, he chaired an international working group that developed mobile phone conformance tests and also chaired the Global Certification Forum when is became a legal entity in 2008. Such work has seen him travel widely and has, at various times, studied French, German, Japanese and Mandarin Chinese none of which prepared him for life in Norfolk when he moved there in 2016! He has a Masters degree in Design of Information Systems and his currently trading as Norfolk’s Data Protection Mardler. Special Guest: Phil Brown.

23 MINJUN 18
Comments
Whose data is it anyway? Impact on track and track apps

Track and trace apps: views from Australia

This episode is part of our series of updated podcasts addressing security & privacy concerns resulting from the coronavirus pandemic and the shift in working practises for millions of businesses across the UK and the world. In this episode, we start our series of discussions on track and trace apps from around the world. Today, we are are discovering how track and trace is being managed in Australia. To discuss this with us, we are delighted to have Katherine Sainty and Belyndy Rowe from Sainty Law, a boutique law firm specialising in privacy, big data, technology & cybersecurity in Sydney. Katherine and Belyndy are going to talk to us about what is happening in Australia. GDPR Now! Is brought to you by Data Protection 4 Business & This Is DPO. www.dpo4business.co.uk www.thisisdpo.co.uk. Guest/s Katherine Sainty Director Katherine is the founder and team leader at Sainty Law. Katherine is a corporate and commercial lawyer who specialises in digital, technology and media law. http://www.saintylaw.com.au/ Belyndy Rowe Senior Associate Belyndy advises commercial and creative industry clients in commercial transactions, intellectual property and technology law. Email: belyndy.rowe@saintylaw.com.au http://www.saintylaw.com.au/Special Guests: Belyndy Rowe and Katherine Sainty.

23 MINJUN 2
Comments
Track and trace apps: views from Australia

The rise of Cyber crime: security challenges for SME's

Regular listeners will have already heard our episodes on what DPOs need to know about cyber security, and COVID 19 impact on data protection. gdpr, privacy, data security, cyber crime, data protection, SME In this episode, we are going to talk about the exponential rise of cyber crime as a business, the need to understand the risks and the security challenges for SME's. This episode is part of our series of updated podcasts addressing security & privacy concerns resulting from the coronavirus pandemic and the shift in working practises for millions of businesses across the UK and the world. We are delighted to have Zohar Rozenberg (Col. Ret.) who is the Chief Security Officer at Elron, a leading Israeli holding company dedicated to building technology companies. Aside from an impressive career in Israeli defence and cyber security, Zohar has written a number of recent articles on cyber issues: https://www.cisomag.com/cyber-startup-hub-in-israel-declines-as-global-competition-rises-elron-vp/ https://www.theepochtimes.com/coronavirus-hackers-try-to-take-advantage-of-people-working-from-home_3275525.html https://siliconangle.com/2020/03/13/coronavirus-offers-golden-opportunity-evolve-security-architecture/ https://www.jpost.com/middle-east/cyber-attacks-new-maritime-threat-warns-former-idf-cyber-head-599165 https://www.helpnetsecurity.com/2020/03/11/coronavirus-evolve-security-architecture/ GDPR Now! Is brought to you by Data Protection 4 Business & This Is DPO. www.dpo4business.co.uk www.thisisdpo.co.uk. Guest/s Zohar Rosenberg Chief Security Officer & Board Member Elron Electronic Industries (TASE: ELRN) www.elron.com adir@davidmalits.comSpecial Guest: Zohar Rosenberg.

25 MINMAY 29
Comments
The rise of Cyber crime: security challenges for SME's

Group Action lawsuits from data breaches: what business leaders and your DPO needs to know

Welcome to another episode of GDPR Now, a podcast dedicated to data protection and all things data security and privacy. This week’s episode is Group Action lawsuits arising from data breaches. We continue our series of podcasts addressing concerns resulting from the coronavirus pandemic, such as increases in data breaches arising from IT security issues and the increased risks resulting from the huge shift to remote working for 100,000s businesses across the UK and the world. In the studio today we are delighted to have Kingsley Hayes, Managing Director of Hayes Connor Solicitors based in Widnes, Cheshire. In this second episode, we are going to talk about Group Action lawsuits, what they are, how they operate and the British Airways case. For anyone who wants to join the BA data breach action if they have been affected - the link is here. If you missed it, Kingsley and I discussed COVID19 and the impact on Data Protection in Episode 17. GDPR Now! Is brought to you by Data Protection 4 Business & This Is DPO. www.dpo4business.co.uk www.thisisdpo.co.uk. Guest/s Kingsley Hayes Managing Director Hayes Connor Solicitors www.hayesconnor.co.uk @HayesConnorSol 0330 107 5165Special Guest: Kingsley Hayes.

26 MINMAY 18
Comments
Group Action lawsuits from data breaches: what business leaders and your DPO needs to know

COVID 19 Pandemic and the impact on Data Protection

Welcome to another episode of GDPR Now, a podcast dedicated to data protection and all things data security and data privacy. This week’s episode is COVID 19 and the impact on Data Protection. Regular listeners will have already heard our episodes on what DPOs need to know about cyber security, for those that missed them, they are episodes 7 & 15. Today, we start a series of podcasts addressing concerns resulting from the coronavirus pandemic and the shift in working practises for 100,000s businesses across the UK and the world. In the studio today we are delighted to have Kingsley Hayes, Managing Director of Hayes Connor Solicitors based in Widnes, Cheshire. In this first of two episodes, we are going to talk about Covid 19 and the impact on data protection. In our second episode, Kingsley and I will be discussing data breach Group Action law suits in general, and the BA action in particular. We cover the reputational and financial risks businesses need to be aware of when Group Actions, are filed as a result of data breaches. GDPR Now! Is brought to you by Data Protection 4 Business & This Is DPO. www.dpo4business.co.uk www.thisisdpo.co.uk. Guest/s Kingsley Hayes Managing Director Hayes Connor Solicitors www.hayesconnor.co.uk @HayesConnorSol 0330 107 5165 Host Karen Heaton info@dpo4business.co.uk www.dpo4business.co.uk This podcast is brought to you by thisisdpo.co.uk and Data Protection 4 Business. For more information, go to thisisdpo.co.uk or dpo4business.co.uk. All suggestions for topics, improvement etc are gratefully received or if you want to appear on the podcast, please contact us at info@dpo4business.co.uk.Special Guest: Kingsley Hayes.

27 MINMAY 14
Comments
COVID 19 Pandemic and the impact on Data Protection

Digital Detox - how to cleanse yourself on Data Protection Day

On the day after Data Protection Day (or Privacy Day, depending on whether you are tomato or tomato) we take a look at privacy enhancing technologies - how to control, restrict and eliminate your personal data footprint (if that’s what you want to do). This podcast will be invaluable for privacy professionals that want to know what PETs are available and for consumers that would like to have greater control of their digital profiles. GDPR Now! Is brought to you by This Is DPO. www.thisisdpo.co.uk. Guest/s Abigail Dubiniecki Data Protection Specialist My Inhouse Lawyer https://www.linkedin.com/in/abigaild/ Host Mark Sherwood-Edwards info@thisisdpo.co.uk Materials Competition and Markets Authority (UK competition regulator) report on digital advertising https://www.gov.uk/government/news/cma-lifts-the-lid-on-digital-giants Links to PETs (Privacy Enhancing Tech) and resources mentioned in the podcast (and more!) Disclaimer – not endorsing any PET in particular, just sharing info. Want a pretty version or more explanation? Check out my LinkedIn profile for a Slideshare of a presentation and handy Infographic – available next week. Let’s help build this list. Which PETs are you using or curious to try? If they’re not here, let Abigail know via contact details in the show notes so I can update my list. Inform yourself, update software, adjust privacy settings, use 2FA! Privacy Analyzer (https://privacy.net/analyzer): Analyses your browser to reveal what can be learned about you and recommend actions you can take DuckDuckGo Device Privacy Tips https://spreadprivacy.com/tag/device-privacy-tips/ ‘Learn’ tab in the DisconnectMe Privacy Pro VPN (iOS only) – ‘learn’ materials available without paying. Just download the app and click!: https://apps.apple.com/us/app/disconnect-privacy-pro-entire/id1057771839?ls=1 Consumer Reports articles & videos with quick-fixes in bite-sized pieces: https://www.consumerreports.org/privacy/linkedin-privacy-settings/ www.consumerreports.org/video/view/electronics/news/6050416388001/protecting-your-online-privacy/ Terms of Service, Didn’t Read (TOSDR https://tosdr.org/): one-stop shop for digested Ts & Cs of most popular online providers, including score cards. Brilliant browser add-on offers automatic assessment of pages you access. Addresses privacy notices & terms e.g. cancellation, etc. Ghostery (www.ghostery.com) lets you block ads and trackers, watch the watchers, and speed up your browser with a suite of products, some of which are free, others reasonably privacy. A new product – Ghostery Midnight (www.ghostery.com/midnight) – claims to protect your entire device while giving granular preference management at the app-by app level. Sounds like having your own personal privacy watchdog on your device. Extension is free!! But some of the other products are paid. Baycloud (https://baycloud.com) was one of the early champions of privtech, starting in the DNT space. They offer B2C and B2B resources. Baycloud Bouncer let reveals who’s tracking you and gives you a handy dashboard to adjust your preferences (https://baycloud.com/bouncer). You can also pre-scan websites you’d like to visit from the comfort of Baycloud’s site. Try before you buy (so to speak, with your data I mean). Free!! Have I been pwned?(https://haveibeenpwned.com) will help you check whether your account or credentials has been compromised based on research into the (sigh) multitudinous data breaches. Free!! DuckDuckGo privacy report card for websites (https://duckduckgo.com/app): instantly evaluates and remediates websites you visit to give you a before and after score. Browser add-on for various browser types on desktop but only available for iOS on mobile. Free!! Deseat.Me (www.deseat.me) : Helps you clean up your online presence by instantly getting a list of all your accounts, allowing you to sort through and delete them / unsubscribe. Personal Data.io: A self-named “integrated toolbox addressing surveillance capitalism”. Th

43 MINJAN 28
Comments
Digital Detox - how to cleanse yourself on Data Protection Day

Cyber security - everything a DPO needs to know. Part 2.

Cyber security is an area of key concern for any DPO or privacy professional. Having looked at people and training issues in episode 7, this episode focuses on the key physical issues: physical and technical access controls, network design considerations, default deny and least privilege, separation of duties and working in key areas. GDPR Now! Is brought to you by This Is DPO. www.thisisdpo.co.uk. Guest/s Andy Larkum CEO of ADL Consulting https://adlconsulting.co.uk andy@adlconsulting.co.uk Host Mark Sherwood-Edwards info@thisisdpo.co.uk Materials You can try ADL Consulting’s "Introduction to Cyber Security" module for free here: https://adlconsulting.teachable.com/p/an-introduction-to-cyber-security From previous episode on cyber security Cyber Essentials self-assessment questionnaire: https://adlconsulting.co.uk/getting-help-cyber-essentials - see heading "What's Involved" ISO 27001 https://adlconsulting.co.uk/iso27001-consultancy Training: https://adlconsulting.co.uk/staff-trai...

43 MINJAN 16
Comments
Cyber security - everything a DPO needs to know. Part 2.

Privacy by Design

Privacy By Design is one of the key elements of good data protection, and is made mandatory by Article 25 of the GDPR. But what does PbD mean in practice? In this podcast, we look at the key elements of PbD, discuss some actual use cases, and examine how to apply PbD on the ground. GDPR Now! Is brought to you by This Is DPO. www.thisisdpo.co.uk. Guest Sam Bouso, Founder and CEO of Precognitive Inc., sbouso@precognitive.io https://precognitive.com/ Host Mark Sherwood-Edwards info@thisisdpo.co.uk Materials Recommended By Sam Bouso Article “Privacy By Design Is Important For Every Area Of Your Business” is a good general intro Book “The Ultimate GDPR Practitioner Guide: Demystifying Privacy & Data Protection” Especially Chapter 11 which has solid examples and areas of focus for those trying to implement PbD. Ann Cavoukian’s 7 principles of PbD Proactive not reactive; preventive not remedial The privacy by design approach is characterized by proactive rather than reactive measures. It anticipates and prevents privacy invasive events before they happen. Privacy by design does not wait for privacy risks to materialize, nor does it offer remedies for resolving privacy infractions once they have occurred — it aims to prevent them from occurring. In short, privacy by design comes before-the-fact, not after. Privacy as the default Privacy by design seeks to deliver the maximum degree of privacy by ensuring that personal data are automatically protected in any given IT system or business practice. If an individual does nothing, their privacy still remains intact. No action is required on the part of the individual to protect their privacy — it is built into the system, by default. Privacy embedded into design Privacy by design is embedded into the design and architecture of IT systems as well as business practices. It is not bolted on as an add-on, after the fact. The result is that privacy becomes an essential component of the core functionality being delivered. Privacy is integral to the system without diminishing functionality. Full functionality – positive-sum, not zero-sum Privacy by design seeks to accommodate all legitimate interests and objectives in a positive-sum “win-win” manner, not through a dated, zero-sum approach, where unnecessary trade-offs are made. Privacy by design avoids the pretense of false dichotomies, such as privacy versus security, demonstrating that it is possible to have both. End-to-end security – full lifecycle protection Privacy by design, having been embedded into the system prior to the first element of information being collected, extends securely throughout the entire lifecycle of the data involved — strong security measures are essential to privacy, from start to finish. This ensures that all data are securely retained, and then securely destroyed at the end of the process, in a timely fashion. Thus, privacy by design ensures cradle-to-grave, secure lifecycle management of information, end-to-end. Visibility and transparency – keep it open Privacy by design seeks to assure all stakeholders that whatever the business practice or technology involved, it is in fact, operating according to the stated promises and objectives, subject to independent verification. Its component parts and operations remain visible and transparent, to users and providers alike. Remember, trust but verify. Respect for user privacy – keep it user-centric Above all, privacy by design requires architects and operators to keep the interests of the individual uppermost by offering such measures as strong privacy defaults, appropriate notice, and empowering user-friendly options. Keep it user-centric. See also: https://iab.org/wp-content/IAB-uploads/2011/03/fred_carter.pdf https://iapp.org/resources/article/privacy-by-design-the-7-foundational-principles/ Looking for something long and technical? "Privacy and Data Protection by Design – from policy to engineering". ENISA Questions, suggestion for improvement, ideas for iss

40 MIN2019 NOV 27
Comments
Privacy by Design

Latest Episodes

The end of the EU-US Privacy Shield. Now what?

Today we depart from the corornavirus related stories to bring you an update on the landmark ruling from the European Court of Justice on the EU - US Privacy Shield. The decision by the ECJ on 16th July 2020, to invalidate the EU - US Privacy Shield has sent shockwaves across organisations in the EU and US. We are joined by fellow host, Mark Sherwood-Edwards, lawyer, data protection specialist and founder of ThisisDPO. Mark has read the judgement and is going to talk to us today about what it means for data protection, for businesses and for DPO’s. GDPR Now! Is brought to you by Data Protection 4 Business & This Is DPO. www.dpo4business.co.uk www.thisisdpo.co.uk. Guest Mark Sherwood-Edwards Founder ThisisDPO www.thisisdpo.co.uk

37 MIN2 w ago
Comments
The end of the EU-US Privacy Shield. Now what?

How do you know if your data has been compromised?

This episode is part of our series of updated podcasts addressing security & privacy concerns resulting from the coronavirus pandemic and the shift in working practises for millions of businesses across the UK and the world. In this episode we are delighted to have Andrew Alston, founding director at Breach Aware and Business intelligence Theoroms. Andrew talks to us about Breach Aware which is a data breach monitoring and reporting application designed to help organisations detect and prevent crime, as part of their system of risk management. The solution can be used for SME's and individuals as well as large organisations. Andrew and his team pride themselves in offering this solution at affordable rates for SME's. GDPR Now! Is brought to you by Data Protection 4 Business & This Is DPO. www.dpo4business.co.uk www.thisisdpo.co.uk. Guest Andrew Alston Founding Director Breach Aware Andrew@BITs.CompanySpecial Guest: Andrew Alston.

21 MINJUL 8
Comments
How do you know if your data has been compromised?

Whose data is it anyway? Impact on track and track apps

This episode is part of our series of updated podcasts addressing security & privacy concerns resulting from the coronavirus pandemic and the shift in working practises for millions of businesses across the UK and the world. In this episode, we are going discuss personal data in detail and explore the question of: whose data is it anyway? And what are we prepared to tolerate regarding track and trace programmes as governments around the world implement track and track apps. To discuss this we are delighted to have Phil Brown, The Norfolk Data Protection Mardler, who advices clients in Norfolk on data protection. _Please note: Phil makes reference to the need for self reporting but would like to clarify that in the NHS Test and Trace scheme, an NHS Tracker will only contact individuals who have tested positive for Covid19. Whether someone should be tested at all is heavily dependent on self reporting. Furthermore, responses to a possible request to us to identify those with whom we may have had recent close contact is based on our ‘civic duty’ rather than a legal requirement - so it’s very much down to our willingness or judgment to do so. GDPR Now! Is brought to you by Data Protection 4 Business & This Is DPO. www.dpo4business.co.uk www.thisisdpo.co.uk. Guest/s Phil Brown Data Protection Consultant pa@datamardler.co.uk Phil is an independent data protection consultant based in North Norfolk and has provided data protection advice and support to a wide variety of industries across Norfolk and beyond, mostly to small businesses. Prior to that, Phil had a 20 year career as a military communications officer which was then followed by 12 years in the world of mobile phone standardisation, mostly consulting for a Japanese mobile phone operator. During the latter phase, he chaired an international working group that developed mobile phone conformance tests and also chaired the Global Certification Forum when is became a legal entity in 2008. Such work has seen him travel widely and has, at various times, studied French, German, Japanese and Mandarin Chinese none of which prepared him for life in Norfolk when he moved there in 2016! He has a Masters degree in Design of Information Systems and his currently trading as Norfolk’s Data Protection Mardler. Special Guest: Phil Brown.

23 MINJUN 18
Comments
Whose data is it anyway? Impact on track and track apps

Track and trace apps: views from Australia

This episode is part of our series of updated podcasts addressing security & privacy concerns resulting from the coronavirus pandemic and the shift in working practises for millions of businesses across the UK and the world. In this episode, we start our series of discussions on track and trace apps from around the world. Today, we are are discovering how track and trace is being managed in Australia. To discuss this with us, we are delighted to have Katherine Sainty and Belyndy Rowe from Sainty Law, a boutique law firm specialising in privacy, big data, technology & cybersecurity in Sydney. Katherine and Belyndy are going to talk to us about what is happening in Australia. GDPR Now! Is brought to you by Data Protection 4 Business & This Is DPO. www.dpo4business.co.uk www.thisisdpo.co.uk. Guest/s Katherine Sainty Director Katherine is the founder and team leader at Sainty Law. Katherine is a corporate and commercial lawyer who specialises in digital, technology and media law. http://www.saintylaw.com.au/ Belyndy Rowe Senior Associate Belyndy advises commercial and creative industry clients in commercial transactions, intellectual property and technology law. Email: belyndy.rowe@saintylaw.com.au http://www.saintylaw.com.au/Special Guests: Belyndy Rowe and Katherine Sainty.

23 MINJUN 2
Comments
Track and trace apps: views from Australia

The rise of Cyber crime: security challenges for SME's

Regular listeners will have already heard our episodes on what DPOs need to know about cyber security, and COVID 19 impact on data protection. gdpr, privacy, data security, cyber crime, data protection, SME In this episode, we are going to talk about the exponential rise of cyber crime as a business, the need to understand the risks and the security challenges for SME's. This episode is part of our series of updated podcasts addressing security & privacy concerns resulting from the coronavirus pandemic and the shift in working practises for millions of businesses across the UK and the world. We are delighted to have Zohar Rozenberg (Col. Ret.) who is the Chief Security Officer at Elron, a leading Israeli holding company dedicated to building technology companies. Aside from an impressive career in Israeli defence and cyber security, Zohar has written a number of recent articles on cyber issues: https://www.cisomag.com/cyber-startup-hub-in-israel-declines-as-global-competition-rises-elron-vp/ https://www.theepochtimes.com/coronavirus-hackers-try-to-take-advantage-of-people-working-from-home_3275525.html https://siliconangle.com/2020/03/13/coronavirus-offers-golden-opportunity-evolve-security-architecture/ https://www.jpost.com/middle-east/cyber-attacks-new-maritime-threat-warns-former-idf-cyber-head-599165 https://www.helpnetsecurity.com/2020/03/11/coronavirus-evolve-security-architecture/ GDPR Now! Is brought to you by Data Protection 4 Business & This Is DPO. www.dpo4business.co.uk www.thisisdpo.co.uk. Guest/s Zohar Rosenberg Chief Security Officer & Board Member Elron Electronic Industries (TASE: ELRN) www.elron.com adir@davidmalits.comSpecial Guest: Zohar Rosenberg.

25 MINMAY 29
Comments
The rise of Cyber crime: security challenges for SME's

Group Action lawsuits from data breaches: what business leaders and your DPO needs to know

Welcome to another episode of GDPR Now, a podcast dedicated to data protection and all things data security and privacy. This week’s episode is Group Action lawsuits arising from data breaches. We continue our series of podcasts addressing concerns resulting from the coronavirus pandemic, such as increases in data breaches arising from IT security issues and the increased risks resulting from the huge shift to remote working for 100,000s businesses across the UK and the world. In the studio today we are delighted to have Kingsley Hayes, Managing Director of Hayes Connor Solicitors based in Widnes, Cheshire. In this second episode, we are going to talk about Group Action lawsuits, what they are, how they operate and the British Airways case. For anyone who wants to join the BA data breach action if they have been affected - the link is here. If you missed it, Kingsley and I discussed COVID19 and the impact on Data Protection in Episode 17. GDPR Now! Is brought to you by Data Protection 4 Business & This Is DPO. www.dpo4business.co.uk www.thisisdpo.co.uk. Guest/s Kingsley Hayes Managing Director Hayes Connor Solicitors www.hayesconnor.co.uk @HayesConnorSol 0330 107 5165Special Guest: Kingsley Hayes.

26 MINMAY 18
Comments
Group Action lawsuits from data breaches: what business leaders and your DPO needs to know

COVID 19 Pandemic and the impact on Data Protection

Welcome to another episode of GDPR Now, a podcast dedicated to data protection and all things data security and data privacy. This week’s episode is COVID 19 and the impact on Data Protection. Regular listeners will have already heard our episodes on what DPOs need to know about cyber security, for those that missed them, they are episodes 7 & 15. Today, we start a series of podcasts addressing concerns resulting from the coronavirus pandemic and the shift in working practises for 100,000s businesses across the UK and the world. In the studio today we are delighted to have Kingsley Hayes, Managing Director of Hayes Connor Solicitors based in Widnes, Cheshire. In this first of two episodes, we are going to talk about Covid 19 and the impact on data protection. In our second episode, Kingsley and I will be discussing data breach Group Action law suits in general, and the BA action in particular. We cover the reputational and financial risks businesses need to be aware of when Group Actions, are filed as a result of data breaches. GDPR Now! Is brought to you by Data Protection 4 Business & This Is DPO. www.dpo4business.co.uk www.thisisdpo.co.uk. Guest/s Kingsley Hayes Managing Director Hayes Connor Solicitors www.hayesconnor.co.uk @HayesConnorSol 0330 107 5165 Host Karen Heaton info@dpo4business.co.uk www.dpo4business.co.uk This podcast is brought to you by thisisdpo.co.uk and Data Protection 4 Business. For more information, go to thisisdpo.co.uk or dpo4business.co.uk. All suggestions for topics, improvement etc are gratefully received or if you want to appear on the podcast, please contact us at info@dpo4business.co.uk.Special Guest: Kingsley Hayes.

27 MINMAY 14
Comments
COVID 19 Pandemic and the impact on Data Protection

Digital Detox - how to cleanse yourself on Data Protection Day

On the day after Data Protection Day (or Privacy Day, depending on whether you are tomato or tomato) we take a look at privacy enhancing technologies - how to control, restrict and eliminate your personal data footprint (if that’s what you want to do). This podcast will be invaluable for privacy professionals that want to know what PETs are available and for consumers that would like to have greater control of their digital profiles. GDPR Now! Is brought to you by This Is DPO. www.thisisdpo.co.uk. Guest/s Abigail Dubiniecki Data Protection Specialist My Inhouse Lawyer https://www.linkedin.com/in/abigaild/ Host Mark Sherwood-Edwards info@thisisdpo.co.uk Materials Competition and Markets Authority (UK competition regulator) report on digital advertising https://www.gov.uk/government/news/cma-lifts-the-lid-on-digital-giants Links to PETs (Privacy Enhancing Tech) and resources mentioned in the podcast (and more!) Disclaimer – not endorsing any PET in particular, just sharing info. Want a pretty version or more explanation? Check out my LinkedIn profile for a Slideshare of a presentation and handy Infographic – available next week. Let’s help build this list. Which PETs are you using or curious to try? If they’re not here, let Abigail know via contact details in the show notes so I can update my list. Inform yourself, update software, adjust privacy settings, use 2FA! Privacy Analyzer (https://privacy.net/analyzer): Analyses your browser to reveal what can be learned about you and recommend actions you can take DuckDuckGo Device Privacy Tips https://spreadprivacy.com/tag/device-privacy-tips/ ‘Learn’ tab in the DisconnectMe Privacy Pro VPN (iOS only) – ‘learn’ materials available without paying. Just download the app and click!: https://apps.apple.com/us/app/disconnect-privacy-pro-entire/id1057771839?ls=1 Consumer Reports articles & videos with quick-fixes in bite-sized pieces: https://www.consumerreports.org/privacy/linkedin-privacy-settings/ www.consumerreports.org/video/view/electronics/news/6050416388001/protecting-your-online-privacy/ Terms of Service, Didn’t Read (TOSDR https://tosdr.org/): one-stop shop for digested Ts & Cs of most popular online providers, including score cards. Brilliant browser add-on offers automatic assessment of pages you access. Addresses privacy notices & terms e.g. cancellation, etc. Ghostery (www.ghostery.com) lets you block ads and trackers, watch the watchers, and speed up your browser with a suite of products, some of which are free, others reasonably privacy. A new product – Ghostery Midnight (www.ghostery.com/midnight) – claims to protect your entire device while giving granular preference management at the app-by app level. Sounds like having your own personal privacy watchdog on your device. Extension is free!! But some of the other products are paid. Baycloud (https://baycloud.com) was one of the early champions of privtech, starting in the DNT space. They offer B2C and B2B resources. Baycloud Bouncer let reveals who’s tracking you and gives you a handy dashboard to adjust your preferences (https://baycloud.com/bouncer). You can also pre-scan websites you’d like to visit from the comfort of Baycloud’s site. Try before you buy (so to speak, with your data I mean). Free!! Have I been pwned?(https://haveibeenpwned.com) will help you check whether your account or credentials has been compromised based on research into the (sigh) multitudinous data breaches. Free!! DuckDuckGo privacy report card for websites (https://duckduckgo.com/app): instantly evaluates and remediates websites you visit to give you a before and after score. Browser add-on for various browser types on desktop but only available for iOS on mobile. Free!! Deseat.Me (www.deseat.me) : Helps you clean up your online presence by instantly getting a list of all your accounts, allowing you to sort through and delete them / unsubscribe. Personal Data.io: A self-named “integrated toolbox addressing surveillance capitalism”. Th

43 MINJAN 28
Comments
Digital Detox - how to cleanse yourself on Data Protection Day

Cyber security - everything a DPO needs to know. Part 2.

Cyber security is an area of key concern for any DPO or privacy professional. Having looked at people and training issues in episode 7, this episode focuses on the key physical issues: physical and technical access controls, network design considerations, default deny and least privilege, separation of duties and working in key areas. GDPR Now! Is brought to you by This Is DPO. www.thisisdpo.co.uk. Guest/s Andy Larkum CEO of ADL Consulting https://adlconsulting.co.uk andy@adlconsulting.co.uk Host Mark Sherwood-Edwards info@thisisdpo.co.uk Materials You can try ADL Consulting’s "Introduction to Cyber Security" module for free here: https://adlconsulting.teachable.com/p/an-introduction-to-cyber-security From previous episode on cyber security Cyber Essentials self-assessment questionnaire: https://adlconsulting.co.uk/getting-help-cyber-essentials - see heading "What's Involved" ISO 27001 https://adlconsulting.co.uk/iso27001-consultancy Training: https://adlconsulting.co.uk/staff-trai...

43 MINJAN 16
Comments
Cyber security - everything a DPO needs to know. Part 2.

Privacy by Design

Privacy By Design is one of the key elements of good data protection, and is made mandatory by Article 25 of the GDPR. But what does PbD mean in practice? In this podcast, we look at the key elements of PbD, discuss some actual use cases, and examine how to apply PbD on the ground. GDPR Now! Is brought to you by This Is DPO. www.thisisdpo.co.uk. Guest Sam Bouso, Founder and CEO of Precognitive Inc., sbouso@precognitive.io https://precognitive.com/ Host Mark Sherwood-Edwards info@thisisdpo.co.uk Materials Recommended By Sam Bouso Article “Privacy By Design Is Important For Every Area Of Your Business” is a good general intro Book “The Ultimate GDPR Practitioner Guide: Demystifying Privacy & Data Protection” Especially Chapter 11 which has solid examples and areas of focus for those trying to implement PbD. Ann Cavoukian’s 7 principles of PbD Proactive not reactive; preventive not remedial The privacy by design approach is characterized by proactive rather than reactive measures. It anticipates and prevents privacy invasive events before they happen. Privacy by design does not wait for privacy risks to materialize, nor does it offer remedies for resolving privacy infractions once they have occurred — it aims to prevent them from occurring. In short, privacy by design comes before-the-fact, not after. Privacy as the default Privacy by design seeks to deliver the maximum degree of privacy by ensuring that personal data are automatically protected in any given IT system or business practice. If an individual does nothing, their privacy still remains intact. No action is required on the part of the individual to protect their privacy — it is built into the system, by default. Privacy embedded into design Privacy by design is embedded into the design and architecture of IT systems as well as business practices. It is not bolted on as an add-on, after the fact. The result is that privacy becomes an essential component of the core functionality being delivered. Privacy is integral to the system without diminishing functionality. Full functionality – positive-sum, not zero-sum Privacy by design seeks to accommodate all legitimate interests and objectives in a positive-sum “win-win” manner, not through a dated, zero-sum approach, where unnecessary trade-offs are made. Privacy by design avoids the pretense of false dichotomies, such as privacy versus security, demonstrating that it is possible to have both. End-to-end security – full lifecycle protection Privacy by design, having been embedded into the system prior to the first element of information being collected, extends securely throughout the entire lifecycle of the data involved — strong security measures are essential to privacy, from start to finish. This ensures that all data are securely retained, and then securely destroyed at the end of the process, in a timely fashion. Thus, privacy by design ensures cradle-to-grave, secure lifecycle management of information, end-to-end. Visibility and transparency – keep it open Privacy by design seeks to assure all stakeholders that whatever the business practice or technology involved, it is in fact, operating according to the stated promises and objectives, subject to independent verification. Its component parts and operations remain visible and transparent, to users and providers alike. Remember, trust but verify. Respect for user privacy – keep it user-centric Above all, privacy by design requires architects and operators to keep the interests of the individual uppermost by offering such measures as strong privacy defaults, appropriate notice, and empowering user-friendly options. Keep it user-centric. See also: https://iab.org/wp-content/IAB-uploads/2011/03/fred_carter.pdf https://iapp.org/resources/article/privacy-by-design-the-7-foundational-principles/ Looking for something long and technical? "Privacy and Data Protection by Design – from policy to engineering". ENISA Questions, suggestion for improvement, ideas for iss

40 MIN2019 NOV 27
Comments
Privacy by Design

More from Karen Heaton/Data Protection 4 Business

Show

Playlists

hmly
Welcome to Himalaya LearningDozens of podcourses featuring over 100 experts are waiting for you.