Data Privacy Detective - how data is regulated, managed, protected, collected, mined, stolen, defended and transcended.

By Joe Dehner - Global Data Privacy Lawyer

About this podcast   English    United States

Data privacy is the footprint of our existence. It is our persona beyond ourselves, with traces of us scattered from birth certificates, Social Security numbers, shopping patterns, credit card histories, photographs, mugshots and health records. In a digital world, where memory is converted to 0’s and 1’s, then instantly transformed into a reproduction even in 3D, personal data is an urgent personal and collective subject. Those who wish to live anonymous lives must take extraordinary measures to succeed in that improbable quest, while those who hope for friendship or fame through the spread of their personal data must learn how to prevent theft of their identity and bank account.
The internet in its blooming evolution makes personal data big business – for government, the private sector and denizens of the dark alike. The Data Privacy Detective explores how governments balance the interests of personal privacy with competing needs for public security, public health and other communal goods. It scans the globe for champions, villains, protectors and invaders of personal privacy and for the tools and technology used by individuals, business and government in the great competition between personal privacy and societal good order.
We’ll discuss how to guard our privacy by safeguarding the personal data we want to protect. We’ll aim to limit the access others can gain to your sensitive personal data while enjoying the convenience and power of smartphones, Facebook, Google, EBay, PayPal and thousands of devices and sites. We’ll explore how sinister forces seek to penetrate defenses to access data you don’t want them to have. We’ll discover how companies providing us services and devices collect, use and try to exploit or safeguard our personal data.
And we’ll keep up to date on how governments regulate personal data, including how they themselves create, use and disclose it in an effort to advance public goals in ways that vary dramatically from country to country. For the public good and personal privacy can be at odds. On one hand, governments try to deter terrorist incidents, theft, fraud and other criminal activity by accessing personal data, by collecting and analyzing health data to prevent and control disease and in other ways most people readily accept. On the other hand, many governments view personal privacy as a fundamental human right, with government as guardian of each citizen’s right to privacy. How authorities regulate data privacy is an ongoing balance of public and individual interests. We’ll report statutes, regulations, international agreements and court decisions that determine the balance in favor of one or more of the competing interests. And we’ll explore innovative efforts to transcend government control through blockchain and other technology.
In audio posts of 5 to 10 minutes each, you’ll get tips on how to protect your privacy, updates on government efforts to protect or invade personal data, and news of technological developments that shape the speed-of-bit world in which our personal data resides.
18 episodes
In this podcast

technology

Machine generated. There may be errors. Report errors to us.
yesterday
In this podcast, the Data Privacy Detective turns a magnifying glass to how businesses located outside the EU can gather and use personal data that originates in the EU without violating the GDPR. Businesses inside the EU are actively working to bring their policies and procedures in line with the GDPR, with the benefit of many years of practice under the 1995 EU Directive that required EU countries to adopt laws based on a common background and similar principles to what becomes a directly binding regulation on May 25, 2018. For businesses beyond EU borders, how do they determine if GDPR’s extraterritorial reach affects them and what should they do about it?
April 18, 2018
The Data Privacy Detective explored in prior podcasts the broad scope of personal data, the differences between controllers and processors and other matters, including how processing can be lawful. That includes several specific, limited instances when acquisition and use of personal data can be legitimate in the absence of express consent of the persons whose data are held.
April 10, 2018
The EU’s GDPR – the General Data Protection Regulation – becomes law on May 25, 2018. This podcast explores what processing of personal data as defined by the GDPR is considered lawful. “Processing” is defined very broadly by Article 4.2 to encompass a wide variety of ways in which personal data are held or used. Article 6 describes what constitutes “Lawfulness of Processing.” It lists six alternatives for when processing is lawful. The first and most basic is if “the data subject has given consent to the processing of his or her personal data for one or more specific purposes.” Express consent is at the heart of the European approach to personal data protection. But consent is not the sole basis for lawful processing of personal data.
April 9, 2018
The GDPR defines personal data very broadly. But it is not an all-encompassing effort to protect all personal data from every conceivable use or misuse. “Personal data” is defined by Article 4.1 as “any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.” This defines personal data to include relatively non-sensitive information such as a phone number or email address, as well as more sensitive information such as biometric, genetic and other information about a person. The GDPR does not protect the data of legal entities. Only personal data of natural persons are addressed. Business, non-profit organization and government data are not covered. (Recital 14). Only data that relate to an identified or identifiable natural person are regulated by the GDPR. (Article 4.1)
April 2, 2018
Businesses collect, use and store personal data. It’s unavoidable. An email address, phone number, birthdate, postal address – these are all personal data that allow someone to identify or contact an individual. Other information is far more sensitive, such as health information, religious preference, political beliefs, race or ethnic origin, sexual preference, and financial details. The European Union’s General Data Protection Regulation (GDPR) classifies businesses that hold personal data as controllers or processors. The GDPR applies directly to both controllers and processors, but in different ways. This podcast explores the meaning of controller and processor and how cross-border businesses can meet the differing requirements imposed by the GDPR.
March 29, 2018
How does a non-EU business know if it must comply with the GDPR? And what specific things are required if the answer is yes? This podcast explores these questions, detailing the specific activities that require a non-EU business to comply with this EU regulation. Merely having a website is not enough. But if a company aims to sell goods or services to Europeans or to monitor the behavior of EU citizens or residents, compliance is expected. Conducting a data inventory and creating a data map are first steps to determine how a cross-border business can deal with the GDPR and comply with its requirements.
March 26, 2018
On May 25, 2018 the European Union’s General Data Protection Regulation becomes law – not just within the EU but everywhere in the world in some respects. It is deliberately extraterritorial. The EU is serious about compliance with the GDPR. Fines can be as high as 4% of a company’s gross revenues or 20 million Euros. The Data Privacy Detective launches a thorough exploration of the GDPR with this podcast, starting with the history, the context and the GDPR’s basic aim of protecting the personal data of its citizens and residents.
Aug. 25, 2017
In this podcast, the Data Privacy Detective talks about tech support scams with Michael Severini, Director of Information Security for one of America’s large law firms, Frost Brown Todd LLC. A tech support scam can start with a phone call claiming to provide computer support and security. But increasingly this scam pops up when you click on a website and your screen freezes, with a warning page that your pc is infected and you need to call a toll-free number immediately for help.
Aug. 9, 2017
The risk of the Internet of Things (IoT) is far more than a stolen credit card number or a banking loss. The risk could be mortal and pervasive if a critical device is hacked and a malicious command is issued through the IoT.
Aug. 3, 2017
Phishing is an effort by cybercriminals to use bait in the guise of a familiar email address to hook you into revealing your sensitive information. This podcast tells a real story of two college professors who were initial victims of a clever evolution of a phishing scam.

Podcasts like "Data Privacy Detective - how data is regulated, managed, protected, collected, mined, stolen, defended and transcended."   ·   View all

By R S Draughon and Anne LeBoutillier
Disclaimer: The podcast and artwork embedded on this page are from Joe Dehner - Global Data Privacy Lawyer, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.