GDPR Now!

In this episode we are delighted to have Andrew Alston, founding director at Breach Aware and Business Intelligence Theoroms. Andrew brings us up to date on the current cyber security issues affecting businesses and offers a range of easy to action steps businesses can take to protect their systems and data. He reminds us that the basic security steps, done well, can go a long way to preventing security issues. As always, we present affordable solutions that can be used for SME's and individuals as well as large organisations. GDPR Now! Is brought to you by Data Protection 4 Business **www.dpo4business.co.uk** **Guest** Andrew Alston Founding Director Breach Aware Andrew@BITs.Company

Online Content - how to protect and secure your digital rights In today's world of content creation, sharing, posting and blogging, it is more important than ever to be able to protect and control your online content. Whether you are a musician, artist, parent, small business or large organisation, your digital content is who you are as an individual, family, group or company. This episode is a fantastic insight into the world of managing and controlling your online content with our guest, Adam Rumanek, Founder and CEO of Aux Mode, global specialists in digital rights management and revenue reporting. We discuss: digital rights management - what is it? - how can you protect your online content; video privacy protection; audio privacy protection and understanding your rights on YouTube. Anyone with an online presence will learn from listening to this episode, so we are grateful to Adam for his advice. Guest Adam Rumanek, CEO Aux Mode https://auxmode.com/about-us or contact Adam Rumanek on adamr@auxmode.com GDPR Now! Is brought to you by Data Protection 4 Business www.dpo4business.co.uk Special Guest: Adam Rumanek.

In this episode, we talk about the first officially approved certification schemes under Art.42 of UK GDPR by the ICO: the Data Protection and Privacy for ID & Age Assurance Services, and the Age Appropriate Design Certification. Our special guest, Tony Allen CEO of The Age Check Certification Scheme (ACCS) talks about the scope and applicability of the certification schemes and what technology companies need to consider. Tony also explains more about the ACCS which is a UKAS-accredited conformity assessment body, comprised of auditors, certification specialists, and data protection experts and how they independently test and certify online and offline systems that check age and identity, such as passport scanners, biometric technology, and age verification software. GDPR Now! Is brought to you by Data Protection 4 Business & This Is DPO. www.dpo4business.co.uk www.thisisdpo.co.uk Guest Tony Allen CEO of The Age Check Certification Scheme Contact Tony Allen on: Email: tony.allen@accscheme.com Twitter: @agecheckcert Linkedin: Tony Allen | LinkedIn Special Guest: Tony Allen.

In this episode, we talk about Making AI Regulation Strategic for businesses and discuss what businesses can do to keep abreast of regulations, compliance solutions and protect their developments in AI. Our special guest is Ayisha Piotti, Co-Founder & Managing Partner of RegHorizons, a business decidated to helping build trust in emerging technologies through promoting policy solutions and by facilitating dialogue be-tween governments, academia, businesses and civil society. To learn about the work that RegHorizon do, check out this link to their latest AI Policy event https://reghorizon.com/events/ GDPR Now! Is brought to you by Data Protection 4 Business. www.dpo4business.co.uk Guest Ayisha Piotti Contact Ayisha Piotti on: Email: Ayisha.piotti@reghorizon.com Twitter: @PiottiAyisha Special Guest: Ayisha Piotti.

In this episode, we continue our discussions about the digital ID solution of decentralised identity, and how more and more organisations are starting to take notice of of this technology as a means to verify the identity of people in a secure, efficient, cost effective and privacy enhancing way. Our special guests, Khalid Maliki and Jimmy Snoek talk about decentralised identity, also known as Self Sovereign Identity (SSI), how it can be implemented, the benefits and in particular, how they created the awarding winning digital ID company Tykn. We talk about the growth of SSI and how they believe it will positively impact billions of peoples lives. As we enter what is arguably, the start of our journey into a new era of digital innovation with huge benefits to individuals and businesses, we are excited to follow developments around the growth of digitial ID solutions such as decentralised identity. GDPR Now! Is brought to you by Data Protection 4 Business www.dpo4business.co.uk Guest Khalid Maliki & Jimmy Snoek Co-Founders of Tykn Contact Khalid on: Email: khalid@tykn.tech Twitter: @Khalidworks Contact Jimmy on: Email: jimmy@tykn.tech Twitter: @idforgood Website: https://tykn.tech/ Special Guests: Jimmy Snoek and Khalid Maliki.

In this episode, we discuss, controversially, why data privacy, including regulations like GDPR, are counterproductive and why we would all be better off without the current notion of data privacy. Our special guest, Ben Malisow, is our 'privacy provocateur' on our show and talks about why he believes we are living an 'illusion of privacy'. Ben has over 30 years experience in information security and education and is currently a professional certification training lead for SGS Cybersecurity Services, a multinational corporation involved in a wide range of product and process certification/validation. Some of Ben’s roles have also included professor of English, a computer teacher for troubled teens as well as his extensive experience working with clients such as FedEx, US Special Forces Command, the United Nations, HSBC, and Barclays. Ben is the author of ''Exposed: How Revealing Your Data and Eliminating Privacy Increases Trust and Liberates Humanity.'' GDPR Now! Is brought to you by Data Protection 4 Business. www.dpo4business.co.uk Guest Ben Malisow Professional Certification Training Lead for SGS Website: https://www.securityzed.com/ Twitter: https://twitter.com/BenMalisow LinkedIn: https://www.linkedin.com/in/malisow Special Guest: Ben Malisow.

In this episode, we talk about the future of credential management – Self Sovereign Identity (SSI) also known as decentralised identity. SSI is an efficient, secure and privacy enhancing solution for identity verification. It puts individuals at the centre of the verification process and is the future of identity management. Our special guest, James Monaghan, talks about how Evernym provides solutions in the area of SSI for businesses today. We talk about what SSI means, how it works, the benefits for individuals and businesses and importantly, examples of how it is being used to great effect today. For any businesses interested in learning more about how they could benefit from building an SSI or decentralised identity solution, please contact James directly. As we enter what is arguably, the start of our journey into a new era of digital innovation with huge benefits to individuals and businesses, we are excited to follow developments around the growth of Self Soverign Identity. GDPR Now! Is brought to you by Data Protection 4 Business & This Is DPO. www.dpo4business.co.uk www.thisisdpo.co.uk Guest James Monaghan Vice President of Product Management at Evernym. Contact James on: Email: james.monaghan@evernym.com Twitter: @james_monaghan https://www.linkedin.com/in/jamesmonaghan/ World Web Consortium (W3C) specifications for existing SSI solutions: https://www.w3.org/TR/did-core/https://www.w3.org/TR/vc-data-model/https://www.evernym.com/blog/gentle-introduction-verifiable-credentials/ Relevant industry bodies include: https://identity.foundation/https://trustoverip.org/https://www.goodhealthpass.org/Special Guest: James Monaghan.

In this episode, we are going to talk about the regulation of Artificial Intelligence and Machine Learning to understand what businesses need to think about from a regulatory perspective. Our special guest, Ben, talks about the global context of regulations around AI and the complexity of the parallel 'race to AI' and 'race to regulation' . In particular we look at the proposed Artificial Intelligence Act from the European Union and consider the impact on innovation. We explore what businesses and DPOs need to consider when building, using or deploying Machine learning or Artificial Intelligence systems. As we enter what is arguably, the start of our journey into a new era of innovation with huge benefits to humankind, this podcast will follow developments in and around the regulation of future Artificial Intelligence and Machine Learning. GDPR Now! Is brought to you by Data Protection 4 Business & This Is DPO. www.dpo4business.co.uk www.thisisdpo.co.uk Guest Benjamin Mueller Ben is a senior policy analyst at the Center for Data Innovation, focusing on AI and technology governance. Read Ben's note on: AI Act Explainer is here: https://datainnovation.org/2021/05/the-artificial-intelligence-act-a-quick-explainer/ Special Guest: Benjamin Mueller.

In today’s episode, we are delving into the hot topic of Digital Vaccine Passports and Certificates. We outline the complex mix of technology, privacy and practical issues in a global context. As we did in Episodes 24 & 25, we look at the significant practical, technical and privacy issues surrounding how nation states and governments want to use technology to prove human beings can travel internationally, cross borders in the EU and get access to domestic venues, events, retail outlets and much more besides. Arguably a more complex problem to solve than tracking and tracing individuals. We consider the lack of effectiveness of the Track and Trace apps in the UK & EU and wonder how acceptable solutions can be found for Vaccine Passports and Certificates - a wider problem involving citizens, businesses, medical records and often new and emerging technology. Again, we find ourselves asking the same question: how do we find a rapid and effective way to discuss and agree the extended use of our data to manage this pandemic and halt the damage from lockdowns? We urgently need a forum to be able to have these discussions. As Privacy, Legal and Techology professionals we must contribute to solutions to help support governments to enable better pandemic management. There are far more questions than answers, so this episode will be the start of our journey to keep up to date with developments. GDPR Now! Is brought to you by Data Protection 4 Business & This Is DPO. www.dpo4business.co.uk www.thisisdpo.co.uk. Guests Roger Marlow Roger has worked in software for over 30 years with experience in building software for the finance, retail, automative and government sectors. He has been involved in the creation of several companies including a healthcare technology company that works for the NHS. Special Guest: Roger Marlow.

The decision by the ECJ on 16th July 2020, to invalidate the EU - US Privacy Shield sent shockwaves across organisations in the EU and US. We are now in January 2021 and there have been some solutions offered by the European Commission. But how workable are they for businesses in practise?? Join me, Karen Heaton and guest Mark Sherwood-Edwards, lawyer, data protection specialist and founder of Clearview Legal to discuss the latest pronouncements from the EC, on a revision of the Standard Contractual Clauses, Safeguards for transfers to the US (and other third countries) and of course, the impact of Brexit and what this will mean if the EC does not grant adequacy status to the UK. GDPR Now! Is brought to you by Data Protection 4 Business & This Is DPO. www.dpo4business.co.uk www.thisisdpo.co.uk. Guest Mark Sherwood-Edwards Founder www.clearviewlegal.co.uk Check out some great resources: FieldFisher Lawyer - Phil Lee on the revised SCCs https://www.fieldfisher.com/en/services/privacy-security-and-information/privacy-security-and-information-law-blog/first-impressions-new-eu-standard-contractual-clauses Tools to help with assessing data transfers Proteus-Cyber https://proteuscyber.com/Schrems-II-Automatic-SCC-contracts Special Guest: Mark Sherwood-Edwards.

In today’s episode, we are delving into the issues we discussed in our previous episode #24 on the NHS Track and Trace app and considering in more detail the legal, privacy and practicality barriers to many track and trace apps in Europe. We discuss the take up of Track and Trace apps in the EU and find it is mostly 30% of the population and lower. Data privacy when using apps has been protected due to EU GDPR, however, other basic freedoms have been taken from us and our way of life severely impacted over the course of 2020. Track and trace apps have not had the hoped-for beneficial impact in the EU. Had we taken a different approach to using more data and made the apps mandatory, could the outcomes have been different? What does this mean in practise for track and trace apps as future solutions to help governments manage pandemics? Compare and contrast to other Asian countries. If 70 - 80% app usage is realistically needed to be effective, then why did we not make track and trace apps mandatory? What are we to learn from countries in Asia? How do we find a rapid and effective way to discuss and agree the extended use of our data to improve outcomes, rapidly, either during pandemics or outside of them? As Privacy, Legal and Tech professionals we must continue this conversation and find a framework for agreeing the greater use of data in a mandatory way to support better pandemic and health outcomes. The economic costs of lockdowns are extremely high and have a direct effect on a nation's ability to provide future healthcare. Our short term fix to today's problem could cause many more problems for the future. GDPR Now! Is brought to you by Data Protection 4 Business & This Is DPO. www.dpo4business.co.uk www.thisisdpo.co.uk. Guests Roger Marlow Roger has worked in software for over 30 years with experience in building software for the finance, retail, automative and government sectors. He has been involved in the creation of several companies including a healthcare technology company that works for the NHS. Guests Mark Sherwood-Edwards Mark helps CEOs negotiate smarter, more profitable, contracts. During his time spent working in law firms and also as in-house counsel he specialised in contracts as well as sales-contracting transformation, in organisations across the fintech, adtech, tech and outsourcing sectors. Founder Clearview Legal https://clearviewlegal.co.uk/ Special Guests: Mark Sherwood-Edwards and Roger Marlow.

This episode is part of our series of updated podcasts addressing security & privacy concerns resulting from the coronavirus pandemic and the shift in working practises for millions of businesses across the UK and the world. In our discussion we first talk about the NHS Track and Trace app and ask "how did we get here?" with app #2 being released five months after app #1. We then explore whether track and trace apps are prevented from being successful due to privacy and practicality issues and whether this is a worldwide problem. During our discussion, I recommend a very important film "The Social Dilemma" which is available on Netflix. This is an must-watch film for everyone, especially parents with teenagers, pre-teens and young adults. Given some of the important issues raised in this episode, we will be recording Part 2, where we bring in a panel of specialists to start the discussions on how to address the practicality and privacy issues which can prevent track and trace apps from being effective during a pandemic. GDPR Now! Is brought to you by Data Protection 4 Business & This Is DPO. www.dpo4business.co.uk www.thisisdpo.co.uk. Guest This episode features a software professional with 30 years experience in software projects across a multitude of industries including retail, banking, defence and automotive and for the last 10 years, the NHS. David founded a successful IT company which provides services to the NHS and writes for https://lockdownsceptics.org/ a blog founded by Toby Young, where a range of pandemic related data is analysed and presented.

Today we depart from the corornavirus related stories to bring you an update on the landmark ruling from the European Court of Justice on the EU - US Privacy Shield. The decision by the ECJ on 16th July 2020, to invalidate the EU - US Privacy Shield has sent shockwaves across organisations in the EU and US. We are joined by fellow host, Mark Sherwood-Edwards, lawyer, data protection specialist and founder of ThisisDPO. Mark has read the judgement and is going to talk to us today about what it means for data protection, for businesses and for DPO’s. GDPR Now! Is brought to you by Data Protection 4 Business & This Is DPO. www.dpo4business.co.uk www.thisisdpo.co.uk. Guest Mark Sherwood-Edwards Founder ThisisDPO www.thisisdpo.co.uk

This episode is part of our series of updated podcasts addressing security & privacy concerns resulting from the coronavirus pandemic and the shift in working practises for millions of businesses across the UK and the world. In this episode we are delighted to have Andrew Alston, founding director at Breach Aware and Business intelligence Theoroms. Andrew talks to us about Breach Aware which is a data breach monitoring and reporting application designed to help organisations detect and prevent crime, as part of their system of risk management. The solution can be used for SME's and individuals as well as large organisations. Andrew and his team pride themselves in offering this solution at affordable rates for SME's. GDPR Now! Is brought to you by Data Protection 4 Business & This Is DPO. www.dpo4business.co.uk www.thisisdpo.co.uk. Guest Andrew Alston Founding Director Breach Aware Andrew@BITs.Company Special Guest: Andrew Alston.

This episode is part of our series of updated podcasts addressing security & privacy concerns resulting from the coronavirus pandemic and the shift in working practises for millions of businesses across the UK and the world. In this episode, we are going discuss personal data in detail and explore the question of: whose data is it anyway? And what are we prepared to tolerate regarding track and trace programmes as governments around the world implement track and track apps. To discuss this we are delighted to have Phil Brown, The Norfolk Data Protection Mardler, who advices clients in Norfolk on data protection. _Please note: Phil makes reference to the need for self reporting but would like to clarify that in the NHS Test and Trace scheme, an NHS Tracker will only contact individuals who have tested positive for Covid19. Whether someone should be tested at all is heavily dependent on self reporting. Furthermore, responses to a possible request to us to identify those with whom we may have had recent close contact is based on our ‘civic duty’ rather than a legal requirement - so it’s very much down to our willingness or judgment to do so. GDPR Now! Is brought to you by Data Protection 4 Business & This Is DPO. www.dpo4business.co.uk www.thisisdpo.co.uk. Guest/s Phil Brown Data Protection Consultant pa@datamardler.co.uk Phil is an independent data protection consultant based in North Norfolk and has provided data protection advice and support to a wide variety of industries across Norfolk and beyond, mostly to small businesses. Prior to that, Phil had a 20 year career as a military communications officer which was then followed by 12 years in the world of mobile phone standardisation, mostly consulting for a Japanese mobile phone operator. During the latter phase, he chaired an international working group that developed mobile phone conformance tests and also chaired the Global Certification Forum when is became a legal entity in 2008. Such work has seen him travel widely and has, at various times, studied French, German, Japanese and Mandarin Chinese none of which prepared him for life in Norfolk when he moved there in 2016! He has a Masters degree in Design of Information Systems and his currently trading as Norfolk’s Data Protection Mardler. Special Guest: Phil Brown.

This episode is part of our series of updated podcasts addressing security & privacy concerns resulting from the coronavirus pandemic and the shift in working practises for millions of businesses across the UK and the world. In this episode, we start our series of discussions on track and trace apps from around the world. Today, we are are discovering how track and trace is being managed in Australia. To discuss this with us, we are delighted to have Katherine Sainty and Belyndy Rowe from Sainty Law, a boutique law firm specialising in privacy, big data, technology & cybersecurity in Sydney. Katherine and Belyndy are going to talk to us about what is happening in Australia. GDPR Now! Is brought to you by Data Protection 4 Business & This Is DPO. www.dpo4business.co.uk www.thisisdpo.co.uk. Guest/s Katherine Sainty Director Katherine is the founder and team leader at Sainty Law. Katherine is a corporate and commercial lawyer who specialises in digital, technology and media law. http://www.saintylaw.com.au/ Belyndy Rowe Senior Associate Belyndy advises commercial and creative industry clients in commercial transactions, intellectual property and technology law. Email: belyndy.rowe@saintylaw.com.au http://www.saintylaw.com.au/ Special Guests: Belyndy Rowe and Katherine Sainty.

Regular listeners will have already heard our episodes on what DPOs need to know about cyber security, and COVID 19 impact on data protection. gdpr, privacy, data security, cyber crime, data protection, SME In this episode, we are going to talk about the exponential rise of cyber crime as a business, the need to understand the risks and the security challenges for SME's. This episode is part of our series of updated podcasts addressing security & privacy concerns resulting from the coronavirus pandemic and the shift in working practises for millions of businesses across the UK and the world. We are delighted to have Zohar Rozenberg (Col. Ret.) who is the Chief Security Officer at Elron, a leading Israeli holding company dedicated to building technology companies. Aside from an impressive career in Israeli defence and cyber security, Zohar has written a number of recent articles on cyber issues: https://www.cisomag.com/cyber-startup-hub-in-israel-declines-as-global-competition-rises-elron-vp/ https://www.theepochtimes.com/coronavirus-hackers-try-to-take-advantage-of-people-working-from-home_3275525.html https://siliconangle.com/2020/03/13/coronavirus-offers-golden-opportunity-evolve-security-architecture/ https://www.jpost.com/middle-east/cyber-attacks-new-maritime-threat-warns-former-idf-cyber-head-599165 https://www.helpnetsecurity.com/2020/03/11/coronavirus-evolve-security-architecture/ GDPR Now! Is brought to you by Data Protection 4 Business & This Is DPO. www.dpo4business.co.uk www.thisisdpo.co.uk. Guest/s Zohar Rosenberg Chief Security Officer & Board Member Elron Electronic Industries (TASE: ELRN) www.elron.com adir@davidmalits.com Special Guest: Zohar Rosenberg.

Regular listeners will have already heard our episodes on what DPOs need to know about cyber security, and COVID 19 impact on data protection. In this episode, we are going to talk about the exponential rise of cyber crime as a business, the need to understand the risks and the security challenges for SME's. This episode is part of our series of updated podcasts addressing security & privacy concerns resulting from the coronavirus pandemic and the shift in working practises for millions of...

Welcome to another episode of GDPR Now, a podcast dedicated to data protection and all things data security and privacy. This week’s episode is Group Action lawsuits arising from data breaches. We continue our series of podcasts addressing concerns resulting from the coronavirus pandemic, such as increases in data breaches arising from IT security issues and the increased risks resulting from the huge shift to remote working for 100,000s businesses across the UK and the world. In the studio today we are delighted to have Kingsley Hayes, Managing Director of Hayes Connor Solicitors based in Widnes, Cheshire. In this second episode, we are going to talk about Group Action lawsuits, what they are, how they operate and the British Airways case. For anyone who wants to join the BA data breach action if they have been affected - the link is here. If you missed it, Kingsley and I discussed COVID19 and the impact on Data Protection in Episode 17. GDPR Now! Is brought to you by Data Protection 4 Business & This Is DPO. www.dpo4business.co.uk www.thisisdpo.co.uk. Guest/s Kingsley Hayes Managing Director Hayes Connor Solicitors www.hayesconnor.co.uk @HayesConnorSol 0330 107 5165 Special Guest: Kingsley Hayes.

Welcome to another episode of GDPR Now, a podcast dedicated to data protection and all things data security and data privacy. This week’s episode is COVID 19 and the impact on Data Protection. Regular listeners will have already heard our episodes on what DPOs need to know about cyber security, for those that missed them, they are episodes 7 & 15. Today, we start a series of podcasts addressing concerns resulting from the coronavirus pandemic and the shift in working practises for 100,000s businesses across the UK and the world. In the studio today we are delighted to have Kingsley Hayes, Managing Director of Hayes Connor Solicitors based in Widnes, Cheshire. In this first of two episodes, we are going to talk about Covid 19 and the impact on data protection. In our second episode, Kingsley and I will be discussing data breach Group Action law suits in general, and the BA action in particular. We cover the reputational and financial risks businesses need to be aware of when Group Actions, are filed as a result of data breaches. GDPR Now! Is brought to you by Data Protection 4 Business & This Is DPO. www.dpo4business.co.uk www.thisisdpo.co.uk. Guest/s Kingsley Hayes Managing Director Hayes Connor Solicitors www.hayesconnor.co.uk @HayesConnorSol 0330 107 5165 Host Karen Heaton info@dpo4business.co.uk www.dpo4business.co.uk This podcast is brought to you by thisisdpo.co.uk and Data Protection 4 Business. For more information, go to thisisdpo.co.uk or dpo4business.co.uk. All suggestions for topics, improvement etc are gratefully received or if you want to appear on the podcast, please contact us at info@dpo4business.co.uk. Special Guest: Kingsley Hayes.