Episode 42 - Encryption: When Data Privacy Best Practices Are Not

Data Privacy Detective

Player FM - Internet Radio Done Right

הוסף לפני four שנים

תוכן מסופק על ידי Data Privacy Detective Podcast and Joe Dehner - Global Data Privacy Lawyer. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי Data Privacy Detective Podcast and Joe Dehner - Global Data Privacy Lawyer או שותף פלטפורמת הפודקאסט שלהם. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.

The Innovators & Investors Podcast

1
AI in Wealth Management: Scaling Financial Advisory & Democratizing Access 45:49

לפני 10 ימים45:49

הפעל מאוחר יותר

רשימות

לייק

אהבתי

45:49

In this episode of The Innovators & Investors Podcast hosted by Kristian Marquez, guest Sindhu Joseph, founder and CEO of CogniCor, shares how artificial intelligence is transforming the financial services and wealth management industry. Sindhu discusses the significant wealth disparity she has observed globally and how CogniCor’s AI-powered co-pilot platform empowers financial advisors to scale their services, reaching beyond the traditional 30% of affluent households to potentially 70-80%. By reducing administrative burdens and providing a unified, real-time 360-degree view of client households, CogniCor enables advisors to deliver personalized, data-driven financial advice efficiently. Sindhu also reflects on her 15+ years of experience in AI, her global upbringing across India, Europe, and the US, and how her human-first approach shapes CogniCor’s mission to democratize access to wealth management. The episode explores the future impact of AI on work and society, the importance of domain expertise combined with AI knowledge, and the challenges posed by fragmented legacy systems in financial services. Listeners gain valuable insights into the intersection of AI innovation, fintech disruption, and ethical leadership in building scalable, impactful technology solutions. Whether you’re a financial professional, investor, or tech enthusiast, this episode offers a deep dive into AI’s transformative potential in wealth management and the inspiring journey of a visionary founder driving meaningful change. Learn more about Sindhu's work at https://www.cognicor.com/ Connect with Sindhu on LinkedIn at https://www.linkedin.com/in/sindhujoseph/ Think you'd be a great guest on the show? Apply at https://finstratmgmt.com/innovators-investors-podcast/ Want to learn more about Kristian Marquez's work? Check out his website at https://finstratmgmt.com…

לפני 6 שנים 11:37

MP3•בית הפרקים

Encryption is often thought of as the basic and best cybersecurity approach to protecting data in transit or in flight. As guest Ken Morris, CEO and founder of KnectIQ, argues, it’s not. Encrypting data is an essential practice, but it’s really not the problem or the solution. Instead, any organization must consider its keys. Best practices in cybersecurity in 2019 require new technologies that address the role of and threats to keys. Once a hacker gets access to a key, the data are there to be taken, even without the data controller or processor knowing that the thief has entered the storeroom. As the day of quantum computing approaches, it will become ever more certain that encryption alone is inadequate to protect data in flight. This is becoming known to the authorities. And that is not an idle thought. Article 32 of the EU’s Global Data Protection Regulation, GDPR, forces possessors of personal data to consider the “state of the art” in deploying systems to protect personal data. And the increased sophistication of corporate espionage demands new thinking on how to prevent data break-ins. This podcast is a primer on how to think differently about cybersecurity and how the best practices of yesterday are no longer those of today. If you have ideas for more interviews or stories, please email info@thedataprivacydetective.com.

150 פרקים

#Tech #Joe Dehner - Global Data Privacy Lawyer #News #Tech News #Data Privacy Detective #Data Privacy #Data #Privacy #Cybersecurity #Personal Privacy #Global Law #Privacy Laws #Law #Legal #Cyber #Crime

Episode 42 - Encryption: When Data Privacy Best Practices Are Not

Data Privacy Detective

published לפני 6 שנים

שתפו

MP3•בית הפרקים

150 פרקים

כל הפרקים

1
Episode 155 — Data Privacy News from December 2023 27:01

לפני 2 years27:01

27:01

Episode 155 considers three important developments as 2024 opens: How the European Union’s pending AI Act blazes a new trail How umbrella insurance may or may not apply to claims involving biometrics How Quebec’s 2023 data privacy act will reshape privacy notices throughout North America. Yugo Nagashima and Brion St. Amour, attorneys with the coast-to-coast U.S. law firm Frost Brown Todd LLP, team with the Data Privacy Detective to cover these three essential matters. On December 9, the European Union published a preliminary agreement on the Artificial Intelligence Act, a pioneering law that provides a framework for sale and use of AI in the EU. We consider what the AI Act covers and the four-levels-of-risk approach the EU will take for regulating AI. We then jump into discussion of a class action lawsuit against Krispy Kreme Doughnut Corp. The suit claims a violation of the Illinois Biometric Information Privacy Act (BIPA). Does Krispy Kreme’s insurance coverage apply? We consider the distinction between the lawsuit's claims and the company’s umbrella policy. The insurer declared that Krispy Kreme is not entitled to an insurance paid defense, based on a policy exclusion. The Quebec Act for protection of personal information in the private sector became law in September 2023. December 18, 2023 Guidance from Quebec’s Commission covers what must be in privacy notices, including that they be in clear, simple language (in French and English). https://www.cai.gouv.qc.ca/politiques-de-confidentialite/ What is “clear and simple”? The Guidance offers a checklist of what organizations should say in their website privacy postings, and is certain to force changes in websites of digital businesses that cover U.S. and Canadian markets. Time stamps: 01:16 — EU’s pending AI Act 10:11 — Umbrella insurance and biometrics 17:08 — Quebec’s 2023 data privacy act…

1
Episode 154 — Online Privacy – Cookies, chatbots, and data sharing 16:57

לפני 2 years16:57

16:57

Why do businesses create cookies for their websites – and what choices can visitors make when a popup asks us to choose? Can chatbots write privacy policies for businesses? How can we determine if a website shares personal information we provide to it – and if so, for what purposes? Donata Stroink-Skillrud, President and Legal Engineer of Termageddon ( https://www.termageddon.com ), addresses these questions. As data privacy laws and regulations spread, data privacy technology and policies must adapt. As website visitors, we should understand our choices when deciding what to click on cookie popups and should know whether a website business is gathering our personal information for limited and proper purposes. Learn a trick about how to know if a business shares personal information. Businesses wishing to be privacy compliant and earn a privacy-centric reputation should consider top tips. For individuals, hear advice for how we can protect our personal information in a world of growing threats to our privacy. Time stamps: 01:00 — Cookies, explained 06:21 — Chatbots, explained 10:56 — How can we find out if a business is sharing our personal information? 14:21 — Tips for businesses that want to focus on user privacy 15:24 — Tips for individuals who want to protect their privacy…

1
Episode 153 — Online Advertising, Consent, and Data Privacy: Big Changes looming for 2024 13:24

לפני 2 years13:24

13:24

When we visit websites, we increasingly see popups. Why is this? How does consent affect online advertising? And what’s changing in 2024? Mate Prgin, founder/CEO of Enzuzo (https://www.enzuzo.com) explains how Google’s 2024 standards force online retailers to obtain express consent from customers for collecting and sharing personal information. Bolstered by the recent Quebec Law 25 (first in North America to adopt GDPR-style consent standards) and spreading U.S. state laws led by California, North American online sellers are driven to change their website technology and practices to give consumers the choice of allowing or refusing their personal information to be shared and used for personalized advertising. The meaning of “consent” and how it is provided in practice become essential for internet commerce in 2024. Understand how internet retailers can comply with law and private sector standards, how individuals will be empowered to exercise choices when shopping online about how their personal information will be used and shared. Time stamps: 01:30 — What do you see in 2023 about data privacy compliance 04:23 — Google’s 2024 standards, explained 10:48 — Top tips for businesses in setting up their websites with privacy for users in mind 11:58 — Top tips for individuals who want to protect their privacy…

1
Episode 152 — Data Clutter & Data Privacy: Databases and the privacy risks they entail 19:12

לפני 2 years19:12

19:12

Data clutter – we keep our homes tidy, at least some of us do. But what about digital data? It accumulates and grows over time. Unlike hard copy files, which can be pitched or sent to long-term (expensive) storage, data is silent and unobservable (except perhaps to IT personnel). Explore how organizations amass vast amounts of data containing personal information, some highly sensitive. There it resides, posing serious risks to organizations and individuals. In Episode 152 Jason Cassidy, CEO of Shinydocs (https://shinydocs.com ), takes us on a tour of data clutter. Learn the vast amounts of unintended data gathered and kept by businesses that don’t need it, how this can be managed, how personal privacy can be more secure through state-of-the-art data management. Consider how data can be auto-classified on creation, how files can be better located with data breach risk minimized. Hear an industry expert’s top tips about data management for organizations and individuals. Make it a new year’s resolution to de-clutter, to data-minimize, to control fileshares, to design privacy-centric creation, retention, and storage of digital data. Time stamps: 01:10 — What info do organizations typically store in their databases? 07:20 — What risks to our personal privacy are posed by data clutter? 14:48 — Tops tips to organizations for dealing with data clutter 16:53 — Tops tips to individuals for dealing with data clutter…

1
Episode 151 — Top November 2023 Data Privacy News 22:38

לפני 2 years22:38

22:38

Major data privacy news from November - the meaning beneath the headlines: California issues proposed rules on ADTs – Automated Decision-making Technology. Applying California’s principal data privacy statute, the California Privacy Protection Agency proposes opt-out requirements, pre-use notices, and other measures for AI and related organizations. A New Landmark for Consumer Control Over their Personal Information: CPPA Proposes Regulatory Framework for Automated Decisionmaking Technology (ca.gov). The TSA is using biometrics at U.S. airports with little notice or disclosure. Some U.S. Senators have called “time-out.” What’s going on with biometrics at airports? BUR23A41 (senate.gov). The influential Data & Trust Alliance proposes eight cross-border Data Provenance Standards. Learn how international standards are being set by the private sector to increase transparency, reliability, and use of datasets essential for AI. Will data become labeled and tracked like food and art? How does private standard setting lay the groundwork for privacy conscious laws and regulations? Consider the immediate opportunity to provide your comments about AI and personal data privacy. The Data & Trust Alliance (dataandtrustalliance.org). Tune in to Episode 151 for analysis, as the world of data privacy spins toward 2024. Time stamps: 00:59 — ADTs 09:02 — The TSA is using biometrics 13:47 — Data & Trust Alliance proposed Data Provenance Standards…

1
Episode 150 — Nine Million Medical Records Leaked - How can victims find out what happened? 12:58

לפני 2 years12:58

12:58

Perry Johnson & Associates (PJ&A) provides medical transcription services to healthcare organizations. Its website states that it offers “secure HIT solutions,” using “multiple U.S. based, secure data centers for documentation storage and disaster recovery.” But in November 2023, PJ&A began informing about nine million people by individually sent letters that “between March 27, 2023 and May 2, 2023, PJ&A learned that an unauthorized party gained access” to its network and “acquired copies of certain files from PJ&A systems.” A November 2023 TechRadar report summarizes the background: “A total of 8.95 million individuals are affected, with the stolen data including full names, birth dates, postal addresses, medical records, and hospital account numbers. Furthermore, the hackers took admission diagnoses, as well as dates and times of service. In some cases, the hackers also stole Social Security Numbers (SSN), insurance and clinical information from medical transcription files, and names of healthcare providers - all of which would be more than enough to stage highly convincing social engineering attacks (phishing, identity theft, etc.) and could result in many class-action lawsuits.” How did a leading MedTech company respond to this cybersecurity incident? Tune in to learn how one podcast listener was informed by letter about the wrongful release of the individual’s medical information and sought details with no success. Consider how society must prepare better to address the aftermath of data breaches and what we can do collectively and individually to protect our most sensitive information.…

1
Episode 149 - Privacy & blockchain: an open source approach to privacy by design 22:42

לפני 2 years22:42

22:42

Blockchain technology. Can it be a solution to privacy risks inherent in traditional IT? How is it different from cryptocurrency? What can it do to allow both individuals and organizations to limit and protect personal information exchanged in daily life? Explore these questions in Episode 149, with Zenobia Godschalk, head of communications for Swirlds Labs (https://swirldslabs.com). Take a brisk tour of an open-source approach that applies blockchain technology to our evolving web. Learn about Hedera – an open source, leaderless proof-of-stake network. Consider how an individual need not share a lot of personal information when a transaction requires only proof of one thing – such as whether the individual is an adult or whether a person actually is a bank account holder. Listen for top tips to organizations and individuals about how open-source blockchain technology can minimize risks to personal information and identity theft. Hear how public ledgers for decentralized economies are changing our digital existence and can be a means of protecting personal privacy without disrupting our digital world. Time stamps: 01:02 — What is blockchain technology, and how is it different from cryptocurrency? 07:30 — What is tokenization? 12:42 — Is blockchain 100% effective? 14:44 — Top tips for organizations in considering blockchain technology as a replacement for traditional IT 18:52 — Top tips for individuals in considering blockchain…

1
Episode 148 — Post-Quantum Data Privacy: Learnings from a Pioneer 23:48

לפני 2 years23:48

23:48

Post-Quantum Data Privacy – what is it? What does it mean for organizations and individuals? That is this episode’s focus. Tune in to learn how one company offers privacy-protect ive messaging and cryptocurrency services in the age of Web 3.0 and quantum computing. JB Benjamin, the founder of UK-based Kryotech Ltd. ( Kryotech Group ), provides a tour of Vox Messenger and Vox Wallet. These services employ privacy-centric technology. Explore how our personal information is collected, used, and shared often without our knowledge or approval. Consider how technology beyond passwords is essential to deter unwanted use of our personal information and to minimize rising theft of our financial resources and even our identities. Quantum computing means an exponentially increased power that can be used to break through lengthy passwords and otherwise hack and misuse data, both personal and organizational. Defenses are also evolving. Post-quantum privacy entails use of double-ratchet encryption, message immolation, sophisticated use of public and private keys, and other techniques. Individuals can be empowered to make choices about the value of their digital information and identities, which otherwise are swept up and used by businesses without payment. Understanding post-quantum data privacy is essential to empowering each individual to decide how to exercise choices about use of personal data. Time stamps: 01:08 — How is our personal info used by companies to make a profit? 04:51 — What does Kryotech do to enhance privacy? 12:54 — What is Vox Crypto and how does it enhance privacy 18:03 — Top tips for businesses who want to focus more on privacy 20:10 — Top tips for individuals who want to protect their privacy…

1
Episode 147 — How small and mid-sized organizations can afford privacy by design 20:47

לפני 2 years20:47

20:47

How small and mid-sized organizations can afford privacy by design: Making data privacy and security affordable and scalable Tech giants have vast budgets for cybersecurity and data privacy. But most organizations are small or mid-sized enterprises (SMEs) and can’t afford expensive in-house talent, hardware, and software to combat data piracy or prevent data breaches. How do startups, SMEs, and MSPs create a privacy responsible foundation as they start and grow? How can they make privacy part of their offering to customers? How can they maintain first-class cybersecurity and data privacy as they scale and grow on an affordable budget? Darren Gallop, co-founder and CEO of Carbide ( Company | Carbide (carbidesecure.com) , provides advice on these and other topics in this Episode. With an overview of how secure personal information is today, Darren explains the benefits of starting with a secure privacy-centric foundation on an outsourced basis, then adding essential tools as an organization grows. Listen for top tips on how organizations and individuals can protect sensitive personal information on an affordable basis. Time stamps: 01:59 — How secure is personal info these days? 06:10 — On a limited budget, how can small and mid-sized businesses invest in data protection? 12:02 — How does an SME maintain first-class data privacy practices? 17:19 — Top privacy tips for individuals…

1
Episode 146 — October Data Privacy Highlights 22:24

לפני 2 years22:24

22:24

October 2023 was a busy month for data privacy. Join our monthly podcast of three major developments in the world of personal information and technology. Our picks are these: 1. On October 30, President Biden issued an Executive Order on Safe, Secure, and Trustworthy Artificial Intelligence (AI). Noteworthy to Data Privacy was his call for Congress to pass bipartisan data privacy legislation, especially for children, which would be a significant step towards a federal data privacy law. In addition to national security and other features, the EO prioritizes federal support for accelerating privacy-preserving techniques, strengthening privacy-preserving research and technologies, evaluating how agencies collect and use commercially available information, and developing guidelines for federal agencies to evaluate the effectiveness of privacy-preserving techniques. Explore what the Executive can do in the absence of Congressional action on data privacy. FACT SHEET: President Biden Issues Executive Order on Safe, Secure, and Trustworthy Artificial Intelligence | The White House . 2. The Federal Trade Commission amended its Safeguards Rule to require non-banking financial institutions to report certain data breaches to the FTC. Learn which businesses are covered and what the rule requires of them. Explore how the new reporting requirements will force a wide range of businesses to report data breaches in detail to the FTC, and how this could affect data privacy. FTC Amends Safeguards Rule to Require Non-Banking Financial Institutions to Report Data Security Breaches | Federal Trade Commission . 3. A United Kingdom court rules on October 17 that Clearview AI was not liable to the UK’s Information Commissioner for scraping the photos of UK residents from the internet and offering its services to foreign law enforcement agencies. ukftt_grc_2023_819.pdf (nationalarchives.gov.uk) . Learn why the extraterritorial reach of GDPR principles does not extend as many thought it might, how UK residents who have not consented to Clearview’s use of their images have no remedy, and what this means for any regulation of what people post on the internet. Time stamps: 00:25 — Executive Order on Safe, Secure, and Trustworthy Artificial Intelligence 05:53 — FTC amends Safeguard Rules 11:16 — UK Court rules in favor of Clearview AI…

1
Episode 145 — Malevolent Data Attacks - How to be Safer Together 15:29

לפני 2 years15:29

15:29

Malevolent attacks on data are rising. Misuse of data is an increasingly sophisticated criminal industry. How to defend? Philippe Humeau, a founder and the CEO of CrowdSec ( CrowdSec - The open-source & collaborative security suite ) is our guest. He explains how an open-source approach to editing a collaborative security stack for identifying and sharing malicious IP addresses across a community of users can be a powerful force for good in protecting data against mal-actors. This episode explores how malevolent data attacks occur and are expanding, how malicious IP addresses can be identified and shared, and how building a community defense can make the internet a safer place for everyone. Learn how open source can improve defenses, how multilayer firewalls function, how VPN’s are addressed in the defense of data. Receive top tips for organizations and individuals on how to protect personal and organizational data. Time stamps: 03:08 - Malevolent Data Actors 08:03 - Can an open source platform defend against mal-actors? 10:26 - Multi-player firewall 11:58 - Top tips for organizations/businesses 13:56 - Tips for individuals…

1
Episode 144 — External Data Privacy 15:45

לפני 2 years15:45

15:45

External data privacy – what is it? How do current threats to personal data privacy require defenses beyond stronger hardware and software? Harry Maugans, CEO of Privacy Bee - https://privacybee.com - explains how external data privacy requires us all to think beyond protections provided by organizations to which we belong. Data brokers, AI database collectors, and cybercriminals all seek access to PII (personally identifiable information), which can be used for good and bad purposes and can result in physical and financial risks to individuals. Steps can be taken to safeguard personal information, even of famous individuals who don’t want certain types of information made public or misused about them. Tune in to Episode 144 to enrich your understanding of privacy-centric thinking and take practical steps in protecting personal data privacy. Time Stamps: 00:55 — What does 'external data privacy' mean? 08:55 — How do cybercriminals exploit systemic weakness? 11:25 — How does a well-known person keep their privacy?…

1
Episode 143 – Mobility and Privacy: How Our Privacy is at Stake While in a Car 18:19

לפני 2 years18:19

18:19

Today’s vehicles have cameras looking inside and outside and communicate information about us to third parties as we drive. This supports continuous product improvement by automakers. But it also raises important privacy concerns. Yevgeny Khessin, Founder and CTO, and Andy Chatham, Co-Founder, of DIMO ( https://dimo.zone ) take us on a tour of how our privacy is at risk while we are mobile. Episode 143 considers these questions: How do individuals and vehicles get connected while mobile? What privacy concerns does the modern vehicle raise? Who owns our data while mobile? How can privacy concerns be addressed by privacy-centric automakers? What can automakers and each of us do to safeguard privacy while mobile? Time Stamps: 01:28 — In what ways do people share data with their vehicles? 04:00 — What are the privacy concerns? 06:27 — What does DIMO do? 11:12 — Top tips for producers of mobile/vehicle products 15:05 — Top tips for individuals who want to safeguard their privacy…

לפני 2 years17:39

17:39

Bail decisions are critical in the lives of arrested persons. They come without judgment of guilt or innocence but can mean the deprivation of freedom for individuals as they await trial. But they can also have crushing unintended consequences for persons who become the victims of persons released without bail or on insufficient bail. Episode 126 takes no position on the headline debates about bail reform. Instead, Ken W. Good takes us on a tour of the privacy issues involved with bail. A thirty-plus-year attorney, Ken is on the board of directors of the Professional Bondsmen of Texas, the voice of the bail industry in that state. What information does a magistrate or judge obtain when deciding on bail? What personal information about the accused individual is available, and does this data become available to the public? Is setting bail an open court matter? Is AI entering the courtroom through algorithms that make risk assessments about accused persons? Tune in to consider this critical stage of the criminal justice system and how the privacy of all of us is affected. Time stamps: 01:06 — What is the bail bondsman's view of bail and potential bail reform? 02:34 — What are the privacy issues of bail? 05:40 — What data is presented before a magistrate in determining bail? 08:52 — Is the bail decision a public record? 10:15 — Are A.I. and algorithms being used in bail determinations? 12:07 — How might bail decisions evolve in the next 5-10 years?…

ברוכים הבאים אל Player FM!

Player FM סורק את האינטרנט עבור פודקאסטים באיכות גבוהה בשבילכם כדי שתהנו מהם כרגע. זה יישום הפודקאסט הטוב ביותר והוא עובד על אנדרואיד, iPhone ואינטרנט. הירשמו לסנכרון מנויים במכשירים שונים.