Identity orchestration. Explore its meaning. Discover in Episode 125 how identity orchestration can protect data privacy and data security. Founder and CEO of Strata Identity [https://www.strata.io/], Eric Olden explores with us the change under way from passwords and multi-factor authentication to a radically different approach to safeguarding and verifying identities in a world of distributed data. Learn what a blue checkmark will mean within LinkedIn as one example. Consider how a system of p...
May 18, 2023•19 min
The modern automobile – a marvel of technology and transportation. It collects enormous amounts of data about us. This information is used for continuous improvement in design and safety and for our convenience. But it also creates risks to personal privacy. Episode 124 provides a tour of what automakers, suppliers, and users can do to create fair controls over how the automobile monitors, records, and shares personal information. Standard setting includes the Alliance for Automotive Innovation,...
May 11, 2023•19 min
What do Indiana, Tennessee, and Montana have in common? They adopted comprehensive data privacy laws in April 2023. Explore the similarities and differences and a unique Tennessee provision about national standards. Is a pattern emerging for how the U.S. regulates personal data? Consider the privacy implications of Artificial Intelligence. Global leaders are racing to understand and decide how to regulate AI. G7 leadership met in Japan on April 29 to consider a joint approach to the dark side of...
May 04, 2023•16 min
How can an organization comply with a wide diversity of privacy laws being adopted and changed across the globe? How does an organization create a compliant and privacy-responsible policy to assure its customers that their privacy will be protected? Join Rachael Ormiston, Head of Privacy at Osano, as we explore these questions. Osano offers a “No Fines, No Penalties Pledge” to its customers. The World's Most Trusted Data Privacy Software Platform | Osano (https://www.osano.com/). Consider how an...
Apr 27, 2023•15 min
Join Duane Laflotte and Patrick Hynds of Pulsar Security as the Data Privacy Detective asks these essential questions about cyber-crime and data privacy: How hard is it to break into a website or organization’s IT system? What are top tips for mid-sized organizations to defeat data attacks? What’s the future for people seeking a cybersecurity career? Pulsar Security offers institutions cyber-protection through software and services to prevent data leaks and losses at reasonable cost. Offensive N...
Apr 20, 2023•19 min
Artificial Intelligence and data privacy. Explore their relationship in this episode. It’s a subject little addressed by law or regulators and largely invisible to the public. AI depends on amassing a huge amount of personal information, collected and processed largely without consent or awareness of individuals whose personal information is being used. Once collected by AI businesses, personal data can leak to bad actors. And the services that are AI-driven can result in misapplications and mis...
Apr 13, 2023•15 min
What do ChatGPT, Iowa, TikTok, and Spyware have in common? They all made data privacy news in March 2023. Italy’s Data Protection Authority blocked ChatGPT internet use on privacy grounds, the first western government to do so. Iowa became the sixth U.S. state to adopt a comprehensive personal data protection code. President Biden issued an Executive Order against federal use of social media containing spyware, without expressly naming TikTok or China as the targets. Join the Data Privacy Detect...
Apr 06, 2023•17 min
Prominent South African data privacy attorney Ahmore Burger-Smidt described 2022 as a year of “bloodbath” for personal data privacy in a recent report from her firm Werksmans. The firm manages the Lex Africa Legal Alliance, with members in over twenty-five African countries. Cybercrime is extensive and growing in Africa, similar to trends evident in the rest of the world. Cybercriminals employ increasingly sophisticated phishing attacks and business email compromise schemes and have expanded wit...
Mar 30, 2023•19 min
The European Union’s GDPR (General Data Protection Regulation) became effective in May 2018. It declared a thorough and far-reaching set of rules for data privacy and became the global leader in how personal data privacy can be regulated and enhanced. What have almost five years shown? Is it successful? Entrenched? A model others follow? And how does it work in practice in 2023? Episode 117 considers how GDPR has become an embedded fabric for how personal information flows – or fails to flow – a...
Mar 23, 2023•13 min
Government regulation is moving towards giving consumers the right to stop companies from selling or share their personal information. How easy do companies make it for consumers to make this request—and then have it mean something? This episode contrasts two companies that take very different approaches to the question. One company makes its money through advertising, and to do that it needs to collect and share personal information of those who use its browser and other offerings. Another was ...
Mar 16, 2023•19 min
Many of us wonder how the internet knows so much about us. We are barraged with tailored ads as we use the internet. How does this happen? How does this affect the compliance risks of businesses and the data privacy of us all? Dan Frechtling, CEO of Boltive, explores the digital advertising ecosystem in Episode 115. Explore the sub-terrain of the internet, how it creates advertising revenue that is the business model of many tech firms, how unwanted ads and mal-advertising encroach, how it affec...
Mar 09, 2023•16 min
The Data Privacy Detective welcomes Frost Brown Todd attorneys Mike Nitardy and Yugo Nagashima to cover three important developments in the world of data privacy: -Updates to the California Privacy Rights Act (“CPRA”) – highlights of final regulations just issued -FTC settlement with GoodRX - the first enforcement of the Health Breach Notification Rule – its meaning for the healthcare industry and us -European Commission’s proposed “Data Act,” which could radically change the rules of data shari...
Mar 02, 2023•18 min
Business Email Compromise – it’s a major way that global thieves steal trillions of dollars. Bill Repasky, an attorney at Frost Brown Todd LLP, with years of experience in electronic payments and cyber-fraud defense, explains how attacks of this type occur, why they are growing, what can be done to prevent them, and what a business can do if attacked this way. Common types of Business Email Compromise attacks are what appear to be incoming customer payments, outgoing payments to suppliers of goo...
Feb 16, 2023•20 min
In this bonus episode, we bring you the Data Privacy Detective's guest appearance on the Privacy Week podcast's "The Privacy Panel Discussion" special.
Feb 14, 2023•48 min
Canada and the United States are each other’s major commercial partner. Many U.S. companies have Canadian customers and collect and process personal information about Canadians. They must therefore understand Canada’s and its provinces’ regulation of personal data privacy. The Canadian regulation of data privacy is very complex, with a maze of the federal Personal Information Protection and Electronic Documents Act (PIPEDA) and provincial laws and regulations. In this conversation with Lyndsay W...
Feb 09, 2023•15 min
“If it’s free, then you are the product.” We carry in our pockets devices that have powerful mechanisms for collecting our information–where we go, what we buy, and even how fast we move. Every time we scroll through social media on our phones, we are submitting extremely precise data about what we might be interested in… even down to how many seconds we slow down to look at an individual post. By using these products and services, we are in effect consenting to this data collection, which comes...
Feb 02, 2023•17 min
Tech giants like Google, Apple, and Facebook incur huge Euro fines from European Union data privacy authorities. This is a “stick” approach, perhaps more like a “club,” of forcing EU rules upon global companies, aiming to force tech giants to change data privacy policies and practices to GDPR’s strict demands. Enter the Netherlands - with a different way of achieving changes in privacy practices through a joint approach. A January 23, 2023 New York Times article by Natasha Singer highlighted the...
Jan 26, 2023•11 min
The Data Privacy Detective Joe Dehner will be appearing as part of the LinkedIn Live event, "Privacy Week Podcast Palooza." Tune in on Thursday, January 26 from 3:00 to 4:00 p.m. EST: https://www.linkedin.com/video/event/urn:li:ugcPost:7021476486180212738/
Jan 24, 2023•1 min
A Third Way Emerges - Light Touch India -soon to be the world’s most populous country, a fast growing economy with a highly sophisticated tech sector. It’s a country with a digital rupee in circulation and digital identity cards. Since independent India has forged an independent path between “east and west.” About a year ago, the Modi Government withdrew a bill based on Europe’s comprehensive privacy-centric approach to personal data privacy, GDPR. In November 2022, a very different bill was pro...
Jan 13, 2023•20 min
Identity management. Learn how an automated approach can defend against the rising tide of data hacks, thefts, ransomware attacks, and other assaults on private information. Kevin Dominik Korte, IT Innovation and Growth Strategist of Univention, explains how an automated approach to login and other steps we take to connect to the internet and intranets can reduce the ability of bad actors to succeed in their attacks on IT systems, large and small. Traditional identity management is more costly a...
Jan 10, 2023•23 min
November 2022 saw the largest private data privacy settlement in U.S. history, a huge Irish fine of Meta, the UK’s forging an independent path from the EU, and South Dakota entering US/China foreign relations over TikTok. Tune in to Episode 107, as the Data Privacy Detective searches monthly for learning from privacy and security developments. As cybercrime grows and governments move from data breach punishment to requiring digital systems to embrace privacy-centric security, consider news from ...
Jan 03, 2023•16 min
Decentralized identifiers or “DIDs”. Tune in for an exploration how blockchain and pseudonymization can systematically improve data security and increase users’ control over their digital identities. Our tour guide is Phillip Shoemaker, the Executive Director of identity.com, a non-profit that provides tools for developers to help organizations identify individuals without compromising their security or privacy. Through this approach, enterprises can de-couple personal identities from users, pro...
Dec 06, 2022•19 min
Breached!, published in 2022 by Oxford University Press, reveals how data security law fails because of undue focus on data breaches. It explores what can be done to improve data privacy and limit data theft. Author Daniel Solove, law professor at George Washington University Law School and head of a privacy and security training company serving hundreds of global organizations, explores how laws focus too much on data breach and punishment of companies that are themselves breach victims. This i...
Nov 29, 2022•24 min
October 2022 highlights for data privacy: - Battle between the U.S. Federal Trade Commission and a data broker over whether the FTC has authority over its practices - U.S. Government orders federal agencies to push NIST Guideline compliance throughout the software supply chain - Survey reports 2d quarter jump in data breaches - France fines Clearview over facial recognition - A Dutch Court awards a fired employee damages from the employer’s webcam rules - EU acts to harmonize procedural laws to ...
Nov 23, 2022•14 min
William McKnight, one of the most highly published analysts in information management, offers insights into the future of how big data and artificial intelligence are changing the world. The McKnight Consulting Group is a leading data strategy and implementation firm that helps businesses solve complex problems through the use of growing personal information databases. Learn from this podcast who is watching us and how our personal data is collected, shared, and used. Discover new analytic uses ...
Nov 10, 2022•25 min
Data brokers acquire and sell data that includes personal location information. This exposes to others visits of women seeking pregnancy healthcare options, the church, synagogue, or mosque we attend, and other sensitive information we would prefer to be kept private. In August 2022, the U.S. Federal Trade Commission sued Kochava, an Idaho based data broker, claiming that it engages in an unfair business practice by sharing location data it gathers from data sources. Mike Swift, Chief Global Dig...
Nov 08, 2022•24 min
Data breaches are now daily news, like weather reports. Podcast 101 digs beneath the headlines into what happens with data incidents that result in breaches – where our personal information goes, whether it’s ever truly recoverable, what businesses can to do to prevent and address breaches, what consumers can do about it, and how one company officer became the first U.S. person to be criminally convicted for mishandling a company’s data breach. Andy Lunsford, founder/CEO of BreachRx, offers insi...
Oct 28, 2022•21 min
Spell-jacking: a new word emerging from the tech world. Learn its meaning and what can be done to protect personal data privacy. We use convenient third-party features on websites that can expose highly sensitive information about us without our even suspecting this is happening. When we use spellcheck on a website, this can send the entire form we are working on to “the cloud.” The information is in flight and can be shared (or hacked) in unexpected ways. A September 2022 study by otto-js, a Ja...
Oct 17, 2022•22 min
Cybersecurity Awareness Month is co-led by the National Cybersecurity Alliance and the Cybersecurity and Infrastructure Agency (CISA). For more information about ways to keep you and your family safe. 1. Instagram fined 405M Euros for GDPR violations. 2. Google and Meta were fined a total of $72 million by South Korea’s Privacy and Protection Commission for tracking behavior on other sites without consumer approval, then using that data for advertising. 3. The Internal Revenue Service acknowledg...
Oct 05, 2022•17 min
How a California statute works in practice In August 2022, California’s Attorney General settled a case with Sephora, a beauty products company. Under the California Consumer Privacy Act (CCPA), California requires companies subject to its laws that they must provide their customers the right to stop the companies from selling their personal information to others. The privacy policy on Sephora’s website did not have such a provision. The case was settled for a $1.2 million civil penalty and an a...
Oct 04, 2022•15 min
