Let's Talk Privacy

Aakash Suri

“Let’s Talk Privacy” isn’t just another GDPR or data protection podcast, it’s a fresh, lively, and truly accessible conversation led by the uniquely engaging hosting style of Aakash Suri. No legal jargon, no gatekeeping, and definitely no need for a law degree. Each episode breaks down privacy concepts in simple, relatable language while exploring how everyday choices shape our fundamental digital rights. Aakash speaks with professionals at all levels and business leaders across sectors to uncover how they really implement GDPR—sharing honest lessons, practical wins, and SMART, actionable takeaways. Designed to inspire the next generation of privacy pros, the show encourages young people to see privacy as a meaningful, future-shaping career. And with AI reshaping the world, we dive into how privacy underpins safe, ethical, and compliant AI use. Expect clarity, authenticity, and conversations that make privacy matter to everyone.

  1. 6 DAYS AGO

    Bitesize AI Briefings: Last Year, VIBE Coding Changed How the World Built

    In this bite-sized AI episode, Aakash Suri dives into the trendy new world of vibe coding. Vibe coding allows anyone to build software and applications simply by describing their ideas to an AI in plain English. While tools like Lovable, Replit, and Cursor are democratizing app development and drastically increasing speed, they also introduce significant privacy and security risks if left unchecked.

    KEY TAKEAWAYS
    - Vibe coding lowers the barrier to entry: Anyone can now build software by using plain English prompts to tell an AI what they need. This empowers non-technical staff to create tools without waiting weeks for developers.
    - Establish strict guardrails: Organizations need clear rules regarding who is authorized to use Vibe coding tools. This prevents the creation of unmonitored shadow IT systems right under your nose.
    - Privacy must be proactive, not reactive: Incorporate privacy controls early in the vibe coding process. Do not wait until the end or after launch when the app has already grown legs and become business-critical.

    BEST MOMENTS
    - "In the simplest possible terms, it means using AI to help you build software by describing what you want in plain English."
    - "Instead of thinking, right, I need to build a database, connect an API, create a front end, fix the errors, you just simply say, build me a simple app to track my podcast guests, store notes, and remind me how to follow up. And the AI gets to work."
    - "If people start building tools with real customer data, employee data, or sensitive business information without proper controls, then, in my opinion, you've got a massive issue."
    - "You may not even know someone has built a shadow IT system right under your nose."
    - "Bring privacy in early. Not at the end, not after launch, but early. Before the thing grows legs and becomes business-critical."

    TO CONNECT WITH YOUR HOST
    https://www.linkedin.com/in/aakashsuri-thoughtleader/

    HOST BIO
    Aakash is a recognised Data Privacy leader who helps organisations navigate complex regulations with clarity, confidence, and common sense. Unlike the legalese-driven privacy pros who simply regurgitate the law, Aakash breaks down what the rules actually mean, translates them into plain English, and gives businesses three SMART, pragmatic steps to demonstrate real compliance.

    This Podcast has been brought to you by Disruptive Media. https://disruptivemedia.co.uk/

    8 min
  2. 27 MAR

    Are ISO 27001 Certificates Lying to You? Data Privacy, Red Flags, and Recent Deadlines with Jennifer Hirst

    FREE GIVEAWAY
    Jennifer is offering a 1-hour extended discussion and review of your organisation's compliance with ISO standards. This could include discussion on:
    - Is ISO certification worth it for you?
    - Whether to get certified?
    - How should we prepare for stage 1 or stage 2 audits before certification?
    - How to improve your internal audits?
    - What to do if your external audits keep finding non-conformances.
    - How to improve your ISO manual.

    ALSO, Free review of your certificate: Please send Jennifer a copy of your certificate, and she will review it and let you know whether it covers what you are expecting. If you are sending a copy of a third-party certificate, typically a supplier's, please ensure you can share it. We may need additional information, but we will request it once we have reviewed the certificate. Certificate reviews are limited to three certificates per company requesting them. Please contact Jennifer here, linkedin.com/in/jennifer-hirst-44b3b5b7

    In this episode, Aakash Suri sits down with Jennifer Hirst, a seasoned compliance and ISO consultant, to demystify the ISO 27001 certification. Moving beyond the idea that ISO is just an IT security badge, Jennifer explains how it serves as a structured framework for organizations of all sizes to implement best practices in data protection.

    KEY TAKEAWAYS
    - ISO 27001 is a Framework, Not Just a Label: It is a structured way of working that focuses on the confidentiality, integrity, and availability of data, regardless of company size.
    - Regulatory Alignment is Embedded: ISO 27001 is not separate from laws like GDPR; it requires organizations to be aware of and integrate their legal and regulatory obligations into their security controls.
    - The "Human Firewall" is Critical: Technical tools are insufficient without staff awareness. Training employees to recognize simple risks—like leaving a workstation unlocked or working on public transport—is vital to preventing breaches.
    - Scope Matters in Certification: A major red flag is a certificate with a limited "scope" that excludes the specific departments or processes where sensitive data is actually handled.
    - Continuous Improvement is Mandatory: Certification is not a one-time event. It requires regular internal audits, annual external assessments, and a full recertification every three years to adapt to new risks.

    BEST MOMENTS
    - "It's not a badge, it's a way of working. It's making sure that IT security... is there high on the agenda for that company."
    - "While we all live in a very technical world... we don't. You just click on a link because it all looks so perfect."
    - "A certificate on the wall means very little if people are still bypassing processes, hoarding data, or ignoring basic hygiene."
    - "Top management needs to have the buy-in... if top management hasn't got the buy-in, you're never going to sustain it."
    - "Just putting one question into AI uses the amount of water that a town might use in a day... It's a staggering amount."

    TO CONNECT WITH JENNIFER
    linkedin.com/in/jennifer-hirst-44b3b5b7
    https://qualityexcellence.co.uk/

    TO CONNECT WITH YOUR HOST
    https://www.linkedin.com/in/aakashsuri-thoughtleader/

    39 min
  3. Bitesize AI Briefings: OpenAI's CEO Sam Altman's Succession Plan: Handing OpenAI’s CEO Job to an AI!

    25 MAR

    This episode of Let’s Talk AI features Aakash Suri diving into the Black Mirror reality of OpenAI’s latest headlines. The discussion centers on Sam Altman’s radical succession plan to eventually hand the company over to an AI model, his claims that OpenAI has "basically built AGI," and the resulting tension with Microsoft’s Satya Nadella.

    KEY TAKEAWAYS
    - The AI Succession Plan: Sam Altman revealed a plan to eventually replace himself with an AI model, arguing that if OpenAI’s mission is to build AGI, that system should eventually be capable of running the company.
    - The AGI Claim & Microsoft Friction: OpenAI reportedly claims to have "basically built AGI," a statement that prompted a restrained pushback from Microsoft CEO Satya Nadella, who described the two companies as "frenemies" with different incentives.
    - Governance & Accountability Gaps: Replacing a human CEO with an AI model raises massive legal questions: who is responsible when an AI makes a harmful decision, and can a board truly "override" a system that is also the company's primary tool?

    BEST MOMENTS
    - "If your whole mission is to build AGI... then at some point that system should be able to run a company."
    - "Satya Nadella... described the relationship between Microsoft and OpenAI as 'frenemies' but with different incentives, timelines, and levels of hype tolerance."
    - "How do you audit the decision-making of a system that is both the tool and the boss?"

    TO CONNECT WITH YOUR HOST
    https://www.linkedin.com/in/aakashsuri-thoughtleader/
    https://www.linkedin.com/company/as-privacy-ai-solutions-ltd/

    11 min
  4. Career Playbooks for India’s Next‑Gen Privacy/AI Pros with Chetandeep Batra

    20 MAR

    FREE GIVEAWAY
    To have access to the 2 FREE books, we have included a link here - https://drive.google.com/drive/folders/1IR6FamA9-XqC5txHBvi5MwkArAPVQBU5
    ALSO, contact Chetandeep on LinkedIn for a FREE mentorship call HERE - linkedin.com/in/achetansbatra

    This episode of Let’s Talk Privacy features a deep dive into the evolving landscape of data protection and artificial intelligence in India. Aakash Suri welcomes Chetandeep Batra, a senior security and privacy consultant at EY and IAPP New Delhi Chapter Chair, to discuss the practical challenges organizations face with the Digital Personal Data Protection (DPDP) Act.

    KEY TAKEAWAYS
    - The Execution Gap: The biggest challenge for Indian organizations isn't the text of the DPDP Act, but the disconnect between boardroom policies and real-life data handling practices.
    - DPDP vs. GDPR: Unlike the GDPR, India's DPDP Act applies strictly to digital personal data, excluding paper-based records, which requires a specific digital-first maturity.
    - Collaborative Governance: Effective privacy management requires an "amalgamation" of legal, security, and management perspectives rather than any single department dominating the conversation.
    - AI’s Silent Integration: Regulators often underestimate how "invisibly" GenAI is being embedded into everyday enterprise tools, making auditing and tracing more complex.
    - Privacy by Design in AI: Beyond breach prevention, the future of AI compliance lies in "Privacy-Enhanced Technologies" and ensuring data is used only for its original documented purpose.

    BEST MOMENTS
    - "Privacy is not implemented in isolation; it is negotiated."
    - "The biggest misunderstanding I see... is they underestimate the challenge of security, with terming with privacy all in all. It is not about documentation; it is not about certifications."
    - "I look at it as GDPR is the parent and the other legislations are like kids... they still have to follow what the parents are saying, but be bespoke to the country."
    - "Real risk lies in the silent usage of AI... it doesn't just process data; it is how it is interpreted, it creates abstractions, it creates embeddings."
    - "People like to be heard here... when the voice is heard, 50% of the things just go very smoothly."

    TO CONNECT WITH CHETANDEEP
    linkedin.com/in/achetansbatra

    TO CONNECT WITH YOUR HOST
    https://www.linkedin.com/in/aakashsuri-thoughtleader/

    48 min
  5. AI's Impact on the War in Iran

    18 MAR

    In this episode, Aakash Suri moves beyond science fiction to explore the sobering reality of AI on the modern battlefield. Using the current conflict in Iran as a case study, the discussion breaks down how AI is being used to scan satellite imagery, prioritize targets, and assist in cyber operations.

    KEY TAKEAWAYS
    - Active Deployment: AI is no longer theoretical; it is actively used in the Iran war for target identification, threat ranking, and cyber warfare.
    - The "Rubber-Stamp" Risk: High-pressure environments lead commanders to reflexively approve AI recommendations, blurring the lines of human accountability.
    - Infrastructure as a Target: Tech companies’ data centers and cloud campuses are now considered military assets and potential targets due to their role in running war-fighting AI.

    BEST MOMENTS
    - "AI isn’t just in the lab anymore; it’s in the war room."
    - "On paper, humans are in the loop. In reality, they’re just approving what the machine has already decided."
    - "We speed up the pipeline from a possible target to an explosion on the ground faster than our ethics, our laws, and our investigations can keep up."

    TO CONNECT WITH YOUR HOST
    https://www.linkedin.com/in/aakashsuri-thoughtleader/
    https://www.linkedin.com/company/as-privacy-ai-solutions-ltd/

    10 min
  6. Blockchain as a New Risk Lens with Nav Sandhu

    13 MAR

    FREE GIVEAWAY INFORMATION
    Nav has provided a discount for all Let’s Talk Privacy listeners, 50% off the knowledge Blockchain course by using the code: AAKASH50

    In this episode, Aakash is joined by risk expert Nav Sandhu to explore the intersection of blockchain technology and data protection. Nav breaks down complex concepts like Zero-Knowledge Proofs and pseudonymization, illustrating how blockchain can protect personal identity while still proving authenticity. Aakash and Nav also discuss the evolving role of the AI Officer and why boards must move beyond to embrace privacy as a fundamental trust mechanism and business enabler.

    KEY TAKEAWAYS
    - Blockchain Terminology vs. Risk Frameworks: Current risk vocabularies often fail to capture the nuances of blockchain, requiring regulators to build new frameworks that define elements like wallet addresses as Personally Identifiable Information.
    - The Power of Immutability: Because blockchain data is permanent and unchangeable, it offers a highly reliable "data lineage" for verifying income, transaction history, and consent.
    - Zero-Knowledge Proofs (ZKP): This technology allows a user to prove they possess specific knowledge without actually revealing the sensitive information itself.
    - Granular Consent: Unlike traditional "on/off" consent switches, blockchain allows individuals to fine-tune what data is visible to third parties, such as allowing a bank to see transaction categories without seeing specific retailers or locations.
    - Privacy as a Revenue Driver: When organizations demonstrate a robust commitment to looking after personal information, privacy evolves from a compliance hurdle into a competitive advantage that builds customer trust.

    BEST MOMENTS
    - "If you risk nothing, you risk everything."
    - "Blockchain is the internet; industries will be built on top of it."
    - "Zero-knowledge proof is where a person can prove knowledge or authenticity without revealing that personal information."
    - "Privacy is not seen as a blocker; it's seen as a revenue driver and as a trust mechanism that will win you more customers."
    - "We need the right people in the right room; you cannot expect a Data Protection Officer to try and understand everything happening in AI on top of what they're already doing."

    TO CONNECT WITH NAV
    https://www.linkedin.com/in/nav-s-6194468b

    TO CONNECT WITH YOUR HOST
    https://www.linkedin.com/in/aakashsuri-thoughtleader/

    49 min
  7. Bitesize - 2025 AI in Review: My Chosen Highlights on DeepSeek, Stargate, and Deepfake Video

    12 MAR

    FREE GIVEAWAY
    Free entry into Blockchain Introductory Course offered by AS Privacy & AI Solutions LTD, DM the word BLOCKCHAIN to https://www.linkedin.com/in/aakashsuri-thoughtleader/
    ONLY AVAILABLE FOR THE FIRST 3 LISTENERS/RESPONSES SO DM NOW!

    Welcome to a brand-new, bite-sized edition of Let's Talk Privacy, with Aakash Suri, a privacy and AI thought leader, who breaks down the monumental shifts of 2025. This episode moves beyond the "chatbot hype" to explore the intersection of global geopolitics, massive infrastructure investments, and the evolving risks of synthetic media.

    KEY TAKEAWAYS
    - Geopolitical Competition: The release of China's DeepSeek R1 proved that powerful AI can be built more affordably, challenging the dominance of high-cost U.S. chipmakers like NVIDIA.
    - AI as Utility: Projects like "Stargate" (a collaboration between OpenAI, Oracle, and SoftBank) are treating AI data centers like energy or telecom infrastructure, requiring power equivalent to multiple nuclear plants.
    - The Death of Video Proof: High-fidelity video models now make it nearly impossible to distinguish between real and synthetic footage on small screens, creating massive fraud risks for CEOs and brands.

    BEST MOMENTS
    - "2025 wasn’t just another year in AI. It was the year the market realized AI isn’t just about clever chatbots; it’s about geopolitics."
    - "Maybe you don't need to spend crazy money on NVIDIA to get good AI anymore."
    - "This is not a small IT project. This is infrastructure on the same scale as energy or telecoms."

    TO CONNECT WITH YOUR HOST
    https://www.linkedin.com/in/aakashsuri-thoughtleader/
    https://www.linkedin.com/company/as-privacy-ai-solutions-ltd/

    8 min
  8. AI Governance, GDPR & Going Freelance: Building a Privacy‑First DPO Career in the Age of Data with Yassine Mernit

    6 MAR

    In this episode, Aakash Suri sits down with Yassine Mernit, a freelance Data Protection Officer and consultant who recently made the bold move from Paris to the UAE. Yassine shares candid stories from the front lines of global privacy, including the high-stakes moments he had to challenge powerful stakeholders and even general managers to protect data subjects.

    KEY TAKEAWAYS
    - The Power of "No": A DPO’s most critical moments often involve halting high-value projects or forcing breach notifications, even when faced with resistance from senior leadership.
    - Communication is the Best Tool: Conflict is best resolved through early communication and training, helping departments see the DPO as a value-add rather than a "blocker".
    - Data Minimization as a Business Asset: Beyond legal compliance, data minimization is a revenue and efficiency driver that reduces storage costs and builds consumer trust.
    - AI Requires Specialized Knowledge: To govern AI effectively, DPOs must move beyond the "tick-box" mentality and understand technical architectures and AI-specific risks.
    - Freelancing Demands a Growth Mindset: Transitioning from an employee to a consultant is less about escaping a job and more about intentionally designing a career around your core values.

    BEST MOMENTS
    - "You rarely win by just saying no... you need to communicate, you need to train people, you need to discuss with them one by one."
    - "The DPO is not responsible for the company... the responsibility is under the general manager. Our role is independent: we help and we advise."
    - "Real data protection leadership often looks like being willing to slow things down or even say no when it really matters."
    - "Responsible AI is not mysterious; it’s a set of disciplined habits, not magic."
    - "If you don't understand the AI lifecycle behind a solution, you will never be able to advise correctly prior to its launch."

    TO CONNECT WITH YASSINE
    linkedin.com/in/yassine-mernit

    TO CONNECT WITH YOUR HOST
    https://www.linkedin.com/in/aakashsuri-thoughtleader/

    50 min
