December 23, 2019
Cookies in the internet sense are packets of data that a persons’ computer receives when visiting a website. Without a cookie sent by an online retailer, every time one moves to a different page on a site, the visitor would need once again to supply account data and other information – a terrible burden! But cookies also represent a potential threat, as disguised cookies can install viruses or malware on our computers, and supercookies and zombie cookies pose other threats to personal privacy. Because a cookie can represent a third party that is accessing personal information of someone visiting a website, website owners and operators must consider whether the data streams arising from this use and the sharing with cookie senders amount to activity governed by the CCPA (or other states with similar or evolving data protection laws). William Morriss, an attorney with Frost Brown Todd, LLC who advises numerous tech and other companies about software and internet matters and himself a former computer programmer, explains in this podcast the link between cookies and California and discusses what a business can do to determine its cookie status and comply with the CCPA if required to do so. Make it a New Years Resolution for 2020 to get ahead of the cookie compliance curve so that cookies don’t become commercial indigestion!
November 18, 2019
Medical data are considered particularly sensitive personal information. Laws and regulations in most countries, including the USA and throughout Europe, generally aim to restrict sharing such information with the target of building privacy walls around each person’s data. But making such health data available more broadly is key to improved medical care, research and the advance of health science. Finland is the first country known to have adopted an approach to allow third parties to access health data for the purposes of scientific research, drug and health technology development and knowledge-based management in social and health care. Researchers, service developers and other legitimate data users will be able to collect, combine and process data from Finnish registries smoothly and securely. While most data will be anonymized, for particular applications individual identities can be shared. Those seeking access to such information will apply to a central authority that will screen applications to approve legitimate uses of Finland’s substantial database. It will accept applications for access starting in early 2020. Helsinki attorney Markus Myhrberg, member of Lexia explains how this will work in this podcast with the Data Privacy Detective. Markus heads Lexia’s IPR, data protection and marketing practices. The Finnish Act on the Secondary Use of Health and Social Data was adopted on March 13, 2019 and became effective on May 1, 2019. The text of the Act is available in Finnish, in Swedish and in English).
October 14, 2019
California Consumer Privacy Act (CCPA) and the so-called European "right to be forgotten" are hot topics as summer turns to autumn. With the CCPA coming into effect on January 1, 2020 amendments to modify it abound in the legislature. Stay tuned for a final Act! Even so, the driving force behind the Act’s passage, Alistair Mactaggart, is not trusting the legislature. Watch for voters to decide directly what California’s law will be in 2020 at the same time they vote on America’s president. The EU’s "right to be forgotten". Media announced a victory for Google from the European Court of Justice (ECJ), claiming that the "right to be forgotten" under GDPR cannot be enforced outside the European Union and its 28 (soon to be 27?) countries. The ECJ’s September 24 ruling was on Google’s request for a preliminary ruling on appeal from the French Government’s 2014 order that Google delink globally its search engine from sites containing embarrassing or out of date information. The "right to be forgotten" still raises some questions. Where will the lines be drawn? Could governments order a business to remove truthful but embarrassing information about an individual gained from a police report? If the story was published in a book, do those pages need to be torn out of history? Where will the balance between freedom of the press and individual privacy land? This is a task now for courts and a risk for website and media businesses. If you have ideas for more interviews or stories, please email
September 23, 2019
What do Ecuador, San Diego, the FBI and Bayfront HMA Medical Center have in common? They’re all in data privacy news this first week of fall 2019. This podcast episode checks the data privacy temperature around the world this week.
August 28, 2019
Sometimes it seems the United States is more a loose federation than a national government. States have a major role in law-making. Data privacy is no exception. A recent law adopted by the State of Maine differs greatly from the California act that will come into force on January 1, 2020. Maine’s law will be effective on July 1, 2020. This podcast hits the highlights of it. Melissa Kern, Co-Chair of Frost Brown Todd LLC’s Privacy and Data Security Team explains that the Maine law applies to broadband internet access services – the folks who bring us access to the internet – not website hosts, not everyone holding personal data – but providers like ATT and Spectrum as well as regional internet access providers. If a provider has even one customer in Maine that is billed for service there, the Maine law applies. There’s no safe harbor threshold. If you have ideas for more interviews or stories, please email
August 15, 2019
Encryption is often thought of as the basic and best cybersecurity approach to protecting data in transit or in flight. As guest Ken Morris, CEO and founder of KnectIQ, argues, it’s not. Encrypting data is an essential practice, but it’s really not the problem or the solution. Instead, any organization must consider its keys. Best practices in cybersecurity in 2019 require new technologies that address the role of and threats to keys. Once a hacker gets access to a key, the data are there to be taken, even without the data controller or processor knowing that the thief has entered the storeroom. As the day of quantum computing approaches, it will become ever more certain that encryption alone is inadequate to protect data in flight. This is becoming known to the authorities. And that is not an idle thought. Article 32 of the EU’s Global Data Protection Regulation, GDPR, forces possessors of personal data to consider the “state of the art” in deploying systems to protect personal data. And the increased sophistication of corporate espionage demands new thinking on how to prevent data break-ins. This podcast is a primer on how to think differently about cybersecurity and how the best practices of yesterday are no longer those of today. If you have ideas for more interviews or stories, please email
August 5, 2019
One country, two systems – that’s the 50-year agreement that led to Hong Kong’s becoming part of China in 1997. This remains an evolution in progress. Hong Kong retains many of its systems independent of the PRC and yet is part of China. What does this mean for data privacy and the rules that apply to business in this powerhouse commercial center? Padraig Walsh, a privacy leader at the prominent Hong Kong law firm of Tanner De Witt, provides insight into how multinational firms should view Hong Kong for digital services. Hong Kong’s 1996 data privacy law was a pioneer at the time in establishing a legal framework for protecting personal data and regulating companies that handle data flows as controllers or processors. If one asks is it like China’s or the EU’s or the USA’s approach to data privacy, the answer is that it is much more like the EU or USA approach than China’s. It was adopted in the final months of British sovereignty. If you have ideas for more interviews or stories, please email
July 9, 2019
No business or individual wants to be the victim of a disaster. Cyber-attacks can cause exactly that. Individuals are the first line of defense for personal privacy and cybersecurity. For businesses, it’s essential to train everyone associated with data systems to avoid letting hackers and other criminals into the network that holds data, Dr. Gleb Tsipursky explains in this podcast how disaster avoidance requires an approach based on emotional intelligence and training based on human psychology. While firewalls, policies and procedures are essential for protecting a company’s data flows, so is effective training of personnel – of employees, contractors, others who hold the keys to accessing a company’s computer systems. Freezes of entire company systems caused by ransomware, thefts of financial and intellectual property by hackers, improper releases of personal data of customers – these and other crimes of the digital age are often caused by one individual’s careless acts in letting a thief enter a business’ digital gateway. If you have ideas for more interviews or stories, please email
June 28, 2019
The EU’s General Data Protection Regulation (GDPR) turned one year old on May 25, 2019. What’s been the experience? Kim Walker, Co-Chair of the Privacy Team of Shakespeare Martineau, a premier UK law firm, provides insight into how this comprehensive law of personal data privacy has unfolded in the United Kingdom. If you have ideas for more interviews or stories, please email
June 20, 2019
India is about to enact a comprehensive data privacy law that will force global and Indian businesses to revise their approach. Stephen Mathias, Co-Chair of the Tech Team at Kochhar & Co., one of India’s premier law firms, explains how India will shift from relatively lax regulation of data privacy to one of the world’s most protective regimens once the new bill is enacted. If you have ideas for more interviews or stories, please email
June 8, 2019
What do serial killers, employees who don’t want their fingerprints shared and a U.S. Senator have in common? Data privacy. In this podcast, Victoria Beckman, Co-Chair of Frost Brown Todd’s Privacy and Data Security Team, discusses this and other news. If you have ideas for more interviews or stories, please email
May 24, 2019
The Data Privacy Detective turns the spotlight on five American data privacy developments in a conversation with Melissa Kern, Co-Chair of Frost Brown Todd’s Privacy and Data Security Team. 1. California’s data privacy law, CCPA, comes into force in 2020. It’s occupied attention because of California’s size and its potential extraterritorial application. It provides limited rights for individuals to sue companies that violate CCPA, restricted to certain cases of data breach. Privacy advocates were disappointed when the California State Senate rejected a bill to empower individuals to sue companies that violate any part of CCPA, a big win for the tech sector in America’s largest state. 2. In the absence of an overarching U.S. law, the statutory action in data privacy has been on a state level, as in California. But the Network Advertising Initiative foresees the need for national standards and intends to fill that role as a Self-Regulatory Organization (SRO) rather than have a national law that could be less friendly to business interests. It issued a revised Code of Conduct 2020. A key upgrade requires opt-in consent of persons whose location data will be collected from various devices. 3. WhatsApp users were stunned to learn that spyware could be implanted on their phones without their knowledge. WhatsApp promptly issued an upgrade to be downloaded at no charge that was said to fix this stealth attack, permitted by exploitation of a buffer-overflow vulnerability. Another privacy embarrassment for Google, though one promptly addressed. 4. San Francisco became the first city known to prohibit use by city agencies of facial recognition technology. Other cities are considering similar bans. Unlike local laws banning cameras to catch drivers going through red lights, this ban restricts the use of analytical technology without barring devices that take photos without our express okay. 5. Google is rolling out settings on its Chrome browser that will enable users to delete 3d-party cookies. This will be optional, as some individuals may want to go to their grocery store and have their device tell them about a discount on their favorite foods and beverages without being asked. Others find it creepy that our whereabouts are not only being monitored by third parties but are used to stay in touch with us without our asking them to come along for the ride. If you have ideas for more interviews or stories, please email
May 13, 2019
The May 2-3, 2019 International Association of Privacy Professionals Conference featured leading U.S. officials and participants in the data privacy field. Mike Nitardy, a certified Privacy Professional (U.S.) and data privacy attorney at Frost Brown Todd LLC shares highlights from the conference. If you have ideas for more interviews or stories, please email
April 30, 2019
Picture frontline employees – like those at a motel’s front desk. In come ICE agents with gold badges asking to see guest logs, aiming to identify and track down undocumented aliens. What’s the desk attendant to do? Most likely, cooperate without thinking it through. This led to costly problems for Motel 6 – a $12 million settlement in the State of Washington alone. The lesson is this – don’t let frontline employees decide whether to turn over personal data of guests or customers. That’s a big decision that should be made at a higher level, in sync with the company’s privacy policy. This podcast explores what happened to Motel 6 and draws lessons for what a business should do to safeguard the privacy of customer data. If you have ideas for more interviews or stories, please email
April 19, 2019
Businesses have far more personal data than they think they have, and information expands by the hour. This is a key finding from an April 2019 Data Privacy Maturity Study from Integris Software – Data flows change daily, and yet many businesses rely on spreadsheets and annual surveys to learn what data they house, resulting in inaccurate information that risks reputation and non-compliance. Kristina Bergman, Integris’ founder and CEO, offers important insights in this podcast about how business can deal more effectively with avalanches of data and blizzards of national and state data privacy regulation through an automated approach to the inventory of data. If you have ideas for more interviews or stories, please email
March 14, 2019
Businesses hold vast amounts of digital and hard copy data. Much is personal data regulated by differing country and state laws and rules. The first step towards personal data privacy compliance is to know what personal data are held by a company. But traditional means of inventorying personal data undercount and are almost always behind the curve of time. Network analytics is the answer to this challenge. In this episode, the Data Privacy Detective has a conversation with 1touch’s CCO Mark Wellins, and they explore how to discover, map and flow data in a more comprehensive and timely way than traditional methods allow. If you have ideas for more interviews or stories, please email
March 3, 2019
Data incidents arise regularly for businesses. The perpetrators range from sophisticated scoundrels seeking a quick ransom payment, to foreign governments conducting industrial espionage, to thieves seeking inside information, to distant hackers seeking personal data to sell on the dark web. When an incident arises, companies turn to legal counsel as part of the response team. In this podcast, Bob Dibert, a Frost Brown Todd attorney with 30 years’ experience and a veteran of data incidents, discusses how incidents arise and how they’re handled. There’s a three-step approach when an incident arises: 1. Contain: Immediately aim to stop further leakage and prevent additional harm from arising. 2. Counsel and Plan: Promptly analyze the scope and nature of the incident, what needs to be done to address it both immediately and longer term. 3. Remediate: Solve the problems, remedy the damage, notify those affected if required. If you have ideas for more interviews or stories, please email
January 3, 2019
The European Commission issued its second review of how the EU PrivacyShield is working in late December 2018. Over 4,000 U.S. firms have signed up so far for this method of dealing with the GDPR (General Data Protection Regulation) of the European Union that protects personal data of its residents. The Commission’s report approves U.S. efforts to support the bilateral agreement that supports the Privacy Shield, with one important matter to be address in February 2019. If you have ideas for more interviews or stories, please email
November 28, 2018
China should never be viewed through a foreign lens. And yet, what other lens do we have from the USA or most of the world but to do just that? Bloomberg News reported two statistics on November 21, 2018 that will shock most non-Chinese citizens – “By the end of May, people with bad credit in China have been blocked from booking more than 11 million flights and 4 million high-speed train trips, according to the National Development and Reform Commission.” If you have ideas for more interviews or stories, please email
November 19, 2018
Russia governs personal data of its residents based on a generally applicable law. As a federal country, Russia has rules below the federal law, but they conform to standards set by statute throughout the nation. Though not as comprehensive as Europe’s broadly extensive General Data Protection Regulation (GDPR), Russia’s statute aims to protect the personal data of Russians similar to the GDPR’s approach. Concepts of consent of persons to use their data, privacy by design, data minimization, cybersecurity minimum standards and other principles are augmented by a data localization focus different from the GDPR.
November 4, 2018
The internet was once viewed as an instrument of freedom. It freed communications across borders, aided the ability of people to rally against repressive governments, dramatically lowered entry barriers to sellers of goods and services across borders. But like many good things, the internet has been increasingly harnessed to repress – or more neutrally to assist those in control of government to keep their power and a watchful eye and long arm over those who threaten their view of public order, The Freedom House report is a disturbing compilation of the rise of digital authoritarianism. The study of 65 countries that hold 87% of the world’s internet users found a decline in freedom from June 2017-May 2018 in 26 nations compared to gains in 19. If you have ideas for more interviews or stories, please email
August 13, 2018
Because U.S. states employ over 16 million people and hold the data of almost all American residents, state governments are major targets for data villains seeking to obtain data about us. How safe is our personal information in the hands of state governments and what security challenges must states address to better protect personal data? Podcast guest Trey Grayson is a veteran of these issues, having served as Kentucky’s Secretary of State for eight years and later as director of Harvard’s Kennedy School of Government’s Institute of Politics and member of the President’s Commission on Election Administration, which reviewed the 2012 election. Trey is now a principal of the public policy firm CivicPoint and an attorney with Frost Brown Todd LLC. As an attorney and public policy expert, Trey offers guidance on the state of cybersecurity and state-held data in episode 26 of the Data Privacy Detective podcast.
July 29, 2018
The EU’s GDPR requires businesses outside the EU to appoint a “representative” in a member state and a Data Protection Officer in the EU to consult on and monitor data privacy matters. In this episode, Alessandro Di Mattia joins us to explore the definitions and requirements surrounding these positions and the roles they play in protecting consumer personal data according to the GDPR.
July 23, 2018
The California Supreme Court faced a challenge that may have been the first stone cast in a global debate about free expression on the internet. The case centered on a San Francisco law firm that got a one-star YELP review from an unhappy former client. When the firm’s YELP rating dipped from 5.0 to 4.5 the law firm successfully sued the reviewer for a defamation claim. YELP was not originally a party to the case, but when the judgment ordered YELP to remove the information, YELP refused. If you have ideas for more interviews or stories, please email
July 4, 2018
“California enacts the strictest online privacy law in the country!” trumpeted CNN/Tech. A statute passed unanimously in the legislature and immediately signed by Governor Brown, AB 375, had the support of large tech firms and privacy advocates. It moves California in the direction of the European Union, granting rights to California consumers concerning personal information they share online. The Data Privacy Detective turns his magnifying glass on this statute. It will have an impact. If California were a country, it would boast the world’s fifth largest economy. California has citizen initiative rights that let people propose laws enacted by a popular vote, bypassing the legislature. Enraged by the Cambridge Analytica scandal of data shared by Facebook that ended up sold without consumers’ direct knowledge for political campaign purposes, a wealthy Californian tired of waiting for the legislature to act. He promoted an initiative aimed at creating tough consumer data privacy protections. Alarmed by the proposal, California’s large tech community backed a quick legislative response that is a compromise compared to the initiative language. It was drafted, enacted, approved and signed into law in about a week, and the initiative leader withdrew his effort and supported the outcome. See If you have ideas for more interviews or stories, please email
June 16, 2018
Businesses not located in the European Union have tried to understand whether the General Data Protection Regulation (GDPR), applies to them. And if it does, or if it might, one of the puzzles has been whether a non-EU business needs to appoint a natural person or legal entity to be its “representative” or a natural person to be its “Data Protection Officer” for dealing with EU and its Member States’ Data Protection Authorities (DPAs). This podcast focuses on that question. If you have ideas for more interviews or stories, please email
May 31, 2018
How did U.S. businesses deal with the launch of GDPR? And what’s its immediate impact on how U.S. businesses address personal information they have? The Data Privacy Detective turns the magnifying glass to this question, focusing on small and mid-sized (SME) U.S. businesses that hold personal data of Europeans. Most coverage about GDPR is about titanic battles of tech giants whose business models are based on monetizing customer data. My spyglass turns to a different subject: How did SMEs in the United States deal with GDPR? The clear majority of them do not sell personal data of Europeans, but instead collect and use it for ordinary business purposes, such as marketing goods and services, employing personnel, collecting payment and other processing that has nothing to do with surreptitious use of such personal information beyond the obvious. If you have ideas for more interviews or stories, please email
May 14, 2018
GDPR, the European Union’s effort to protect personal data, has dominated the efforts of businesses to deal with personal data across borders. Less noticed is China’s evolving system of controlling, regulating and protecting the personal information of its people. On May 1, 2018, China issued standards for personal information protection.
April 25, 2018
In this podcast episode, the Data Privacy Detective discusses the background to the EU / U.S. and Swiss Privacy Shield and how it relates to the new requirements of the EU General Data Protection Regulation (GDPR)that will take effect on May 25, 2018. If you have ideas for more interviews or stories, please email
April 19, 2018
In this podcast, the Data Privacy Detective turns a magnifying glass to how businesses located outside the EU can gather and use personal data that originates in the EU without violating the GDPR. Businesses inside the EU are actively working to bring their policies and procedures in line with the GDPR, with the benefit of many years of practice under the 1995 EU Directive that required EU countries to adopt laws based on a common background and similar principles to what becomes a directly binding regulation on May 25, 2018. For businesses beyond EU borders, how do they determine if GDPR’s extraterritorial reach affects them and what should they do about it?
April 18, 2018
The Data Privacy Detective explored in prior podcasts the broad scope of personal data, the differences between controllers and processors and other matters, including how processing can be lawful. That includes several specific, limited instances when acquisition and use of personal data can be legitimate in the absence of express consent of the persons whose data are held.
April 10, 2018
The EU’s GDPR – the General Data Protection Regulation – becomes law on May 25, 2018. This podcast explores what processing of personal data as defined by the GDPR is considered lawful. “Processing” is defined very broadly by Article 4.2 to encompass a wide variety of ways in which personal data are held or used. Article 6 describes what constitutes “Lawfulness of Processing.” It lists six alternatives for when processing is lawful. The first and most basic is if “the data subject has given consent to the processing of his or her personal data for one or more specific purposes.” Express consent is at the heart of the European approach to personal data protection. But consent is not the sole basis for lawful processing of personal data.
April 9, 2018
The GDPR defines personal data very broadly. But it is not an all-encompassing effort to protect all personal data from every conceivable use or misuse. “Personal data” is defined by Article 4.1 as “any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.” This defines personal data to include relatively non-sensitive information such as a phone number or email address, as well as more sensitive information such as biometric, genetic and other information about a person. The GDPR does not protect the data of legal entities. Only personal data of natural persons are addressed. Business, non-profit organization and government data are not covered. (Recital 14). Only data that relate to an identified or identifiable natural person are regulated by the GDPR. (Article 4.1)
April 2, 2018
Businesses collect, use and store personal data. It’s unavoidable. An email address, phone number, birthdate, postal address – these are all personal data that allow someone to identify or contact an individual. Other information is far more sensitive, such as health information, religious preference, political beliefs, race or ethnic origin, sexual preference, and financial details. The European Union’s General Data Protection Regulation (GDPR) classifies businesses that hold personal data as controllers or processors. The GDPR applies directly to both controllers and processors, but in different ways. This podcast explores the meaning of controller and processor and how cross-border businesses can meet the differing requirements imposed by the GDPR.
March 29, 2018
How does a non-EU business know if it must comply with the GDPR? And what specific things are required if the answer is yes? This podcast explores these questions, detailing the specific activities that require a non-EU business to comply with this EU regulation. Merely having a website is not enough. But if a company aims to sell goods or services to Europeans or to monitor the behavior of EU citizens or residents, compliance is expected. Conducting a data inventory and creating a data map are first steps to determine how a cross-border business can deal with the GDPR and comply with its requirements.
March 26, 2018
On May 25, 2018 the European Union’s General Data Protection Regulation becomes law – not just within the EU but everywhere in the world in some respects. It is deliberately extraterritorial. The EU is serious about compliance with the GDPR. Fines can be as high as 4% of a company’s gross revenues or 20 million Euros. The Data Privacy Detective launches a thorough exploration of the GDPR with this podcast, starting with the history, the context and the GDPR’s basic aim of protecting the personal data of its citizens and residents.
August 24, 2017
In this podcast, the Data Privacy Detective talks about tech support scams with Michael Severini, Director of Information Security for one of America’s large law firms, Frost Brown Todd LLC. A tech support scam can start with a phone call claiming to provide computer support and security. But increasingly this scam pops up when you click on a website and your screen freezes, with a warning page that your pc is infected and you need to call a toll-free number immediately for help. If you have ideas for more interviews or stories, please email
August 9, 2017
The risk of the Internet of Things (IoT) is far more than a stolen credit card number or a banking loss. The risk could be mortal and pervasive if a critical device is hacked and a malicious command is issued through the IoT.
August 3, 2017
Phishing is an effort by cybercriminals to use bait in the guise of a familiar email address to hook you into revealing your sensitive information. This podcast tells a real story of two college professors who were initial victims of a clever evolution of a phishing scam.
July 28, 2017
On July 25, 2017, the FBI issued a TLP:AMBER alert on its Cyber Watch system about an elaborate cyber-criminal attack underway by sources believed to originate from Iran. The Alert lists about 200 domain names and IP addresses that individuals and businesses should avoid. The Alert lists four actions that all persons and businesses should take to avoid being harmed, not only by this attack, but to address the burgeoning rise of malware and other attacks against our data privacy and use of the internet.
November 29, 2016
Very private information about us can be extremely useful for medical research and other noble purposes – such as medical data that can be aggregated into a big database to help control and combat disease. But we’re reluctant to share our health and genetic details if we can be identified individually. How can we contribute to the big data need of public health and still preserve our individual privacy? Pseudonymous and anonymous coding is the answer, many say. But wait, does that too have risks? Join a conversation with Ken Morris, a leading entrepreneur, technologist and attorney, to explore this essential question. If you have ideas for more interviews or stories, please email
November 15, 2016
The Data Privacy Detective talks about facial recognition technology, how it affects our privacy and what rights we have to fair use by the government. This episode will acquaint you with FIPPs and a law meant to ensure fair use by government on passports, videotapes and other images of our persona.
November 2, 2016
So what can you do yourself to protect your personal data and the confidential information of your company or employer? Julia Montgomery of Traveling Coaches shares top tips on how to protect confidential and personal data.
October 17, 2016
John Hibbs, Chief Information Security Officer for J.P. Morgan Chase, gave a riveting talk in Chicago in the fall of 2016 about the devices that tempt us to spend our waking hours giving them attention. He began with a challenge I readily accepted - that humans are not good at guarding their data privacy. Technology is too strong and changing too quickly to keep up with. Nonetheless, there are choices we can make with regard to the equipment and software we use and thereby better protect our data. You are your own first line of defense against the loss of your data, and this episode of the Data Privacy Detective goes through a checklist of items regarding software and equipment to assist you.
October 10, 2016
Personal data is vast and expanding exponentially. And the means of combing through vast quantities of digital data is becoming easier and quicker than ever, with human beings linked to each other on a global scale never before possible. At an October 1, 2016, conference in Luxembourg, French attorney Olivier Saumon cited industry projections that by 2020 the world will have 50 billion connected devices – an average of over five per person. Computers, smartphones, wristwatches, vehicle devices, robots and other devices will create data and connect to an expanding galaxy of devices that will track our health, finances, genetics, emotional make-up, perhaps even our dreams. This episode of the Data Privacy Detective highlights an example that shows how websites can search for and secure highly personal data of individuals and also how governments can intervene to delete the information and penalize third parties that lack express consent to handle the information.
October 6, 2016
Privacy is dead, get over it. This is what a blockchain entrepreneur told a conference at the European Court of Justice on September 30, 2016. And yet, we know this is not true. If privacy were dead, we would know all the details of Donald Trump’s tax returns and we would have access to every email of Hillary Clinton from both public and private servers while she was Secretary of State. And we don’t. Personal data privacy is alive and well, but it is under attack. And our own worst enemy is ourselves. Data privacy is not about protecting data – it’s about protecting you. Listen for tips on how to eliminate unnecessary risk by taking some simple steps to protect the data on your smartphone. If you have ideas for more interviews or stories, please email
Loading earlier episodes...
      0:00:00 / 0:00:00