157 episodes

The laws governing legal advertising in some states require the following statements in any publication of this kind:

"THIS IS AN ADVERTISEMENT."

Frost Brown Todd Podcast Frost Brown Todd

    • Technology
    • 4.4 • 14 Ratings

The laws governing legal advertising in some states require the following statements in any publication of this kind:

"THIS IS AN ADVERTISEMENT."

    Episode 155 — Data Privacy News From December 2023

    Episode 155 — Data Privacy News From December 2023

    Episode 155 considers three important developments as 2024 opens:

    -How the European Union’s pending AI Act blazes a new trail
    -How umbrella insurance may or may not apply to claims involving biometrics
    -How Quebec’s 2023 data privacy act will reshape privacy notices throughout North America.

    Yugo Nagashima and Brion St. Amour, attorneys with the coast-to-coast U.S. law firm Frost Brown Todd LLP, team with the Data Privacy Detective to cover these three essential matters.

    On December 9, the European Union published a preliminary agreement on the Artificial Intelligence Act, a pioneering law that provides a framework for sale and use of AI in the EU. We consider what the AI Act covers and the four-levels-of-risk approach the EU will take for regulating AI.

    We then jump into discussion of a class action lawsuit against Krispy Kreme Doughnut Corp. The suit claims a violation of the Illinois Biometric Information Privacy Act (BIPA). Does Krispy Kreme’s insurance coverage apply? We consider the distinction between the lawsuit's claims and the company’s umbrella policy. The insurer declared that Krispy Kreme is not entitled to an insurance paid defense, based on a policy exclusion.

    The Quebec Act for protection of personal information in the private sector became law in September 2023. December 18, 2023 Guidance from Quebec’s Commission covers what must be in privacy notices, including that they be in clear, simple language (in French and English). https://www.cai.gouv.qc.ca/politiques-de-confidentialite/ What is “clear and simple”? The Guidance offers a checklist of what organizations should say in their website privacy postings, and is certain to force changes in websites of digital businesses that cover U.S. and Canadian markets.

    Time stamps:
    01:16 — EU’s pending AI Act
    10:11 — Umbrella insurance and biometrics
    17:08 — Quebec’s 2023 data privacy act

    • 27 min
    Episode 154 — Online Privacy - Cookies, Chatbots, And Data Sharing

    Episode 154 — Online Privacy - Cookies, Chatbots, And Data Sharing

    Why do businesses create cookies for their websites – and what choices can visitors make when a popup asks us to choose? Can chatbots write privacy policies for businesses? How can we determine if a website shares personal information we provide to it – and if so, for what purposes?

    Donata Stroink-Skillrud, President and Legal Engineer of Termageddon (https://www.termageddon.com), addresses these questions. As data privacy laws and regulations spread, data privacy technology and policies must adapt. As website visitors, we should understand our choices when deciding what to click on cookie popups and should know whether a website business is gathering our personal information for limited and proper purposes. Learn a trick about how to know if a business shares personal information. Businesses wishing to be privacy compliant and earn a privacy-centric reputation should consider top tips. For individuals, hear advice for how we can protect our personal information in a world of growing threats to our privacy.

    Time stamps:
    01:00 — Cookies, explained
    06:21 — Chatbots, explained
    10:56 — How can we find out if a business is sharing our personal information?
    14:21 — Tips for businesses that want to focus on user privacy
    15:24 — Tips for individuals who want to protect their privacy

    • 16 min
    Episode 153 — Online Advertising, Consent, and Data Privacy: Big Changes looming for 2024

    Episode 153 — Online Advertising, Consent, and Data Privacy: Big Changes looming for 2024

    When we visit websites, we increasingly see popups. Why is this? How does consent affect online advertising? And what’s changing in 2024?

    Mate Prgin, founder/CEO of Enzuzo (https://www.enzuzo.com) explains how Google’s 2024 standards force online retailers to obtain express consent from customers for collecting and sharing personal information. Bolstered by the recent Quebec Law 25 (first in North America to adopt GDPR-style consent standards) and spreading U.S. state laws led by California, North American online sellers are driven to change their website technology and practices to give consumers the choice of allowing or refusing their personal information to be shared and used for personalized advertising. The meaning of “consent” and how it is provided in practice become essential for internet commerce in 2024. Understand how internet retailers can comply with law and private sector standards, how individuals will be empowered to exercise choices when shopping online about how their personal information will be used and shared.

    Time stamps:

    01:30 — What do you see in 2023 about data privacy compliance
    04:23 — Google’s 2024 standards, explained
    10:48 — Top tips for businesses in setting up their websites with privacy for users in mind
    11:58 — Top tips for individuals who want to protect their privacy

    • 13 min
    Episode 152 — Data Clutter & Data Privacy: Databases and the privacy risks they entail

    Episode 152 — Data Clutter & Data Privacy: Databases and the privacy risks they entail

    Data clutter – we keep our homes tidy, at least some of us do. But what about digital data? It accumulates and grows over time. Unlike hard copy files, which can be pitched or sent to long-term (expensive) storage, data is silent and unobservable (except perhaps to IT personnel).
    Explore how organizations amass vast amounts of data containing personal information, some highly sensitive. There it resides, posing serious risks to organizations and individuals.

    In Episode 152 Jason Cassidy, CEO of Shinydocs (https://shinydocs.com ), takes us on a tour of data clutter. Learn the vast amounts of unintended data gathered and kept by businesses that don’t need it, how this can be managed, how personal privacy can be more secure through state-of-the-art data management. Consider how data can be auto-classified on creation, how files can be better located with data breach risk minimized. Hear an industry expert’s top tips about data management for organizations and individuals. Make it a new year’s resolution to de-clutter, to data-minimize, to control fileshares, to design privacy-centric creation, retention, and storage of digital data.

    Time stamps:

    01:10 — What info do organizations typically store in their databases?
    07:20 — What risks to our personal privacy are posed by data clutter?
    14:48 — Tops tips to organizations for dealing with data clutter
    16:53 — Tops tips to individuals for dealing with data clutter

    • 19 min
    Episode 151 — Top November 2023 Data Privacy News

    Episode 151 — Top November 2023 Data Privacy News

    Major data privacy news from November - the meaning beneath the headlines:
    California issues proposed rules on ADTs – Automated Decision-making Technology. Applying California’s principal data privacy statute, the California Privacy Protection Agency proposes opt-out requirements, pre-use notices, and other measures for AI and related organizations. A New Landmark for Consumer Control Over their Personal Information: CPPA Proposes Regulatory Framework for Automated Decisionmaking Technology (ca.gov).
    The TSA is using biometrics at U.S. airports with little notice or disclosure. Some U.S. Senators have called “time-out.” What’s going on with biometrics at airports? BUR23A41 (senate.gov).
    The influential Data & Trust Alliance proposes eight cross-border Data Provenance Standards. Learn how international standards are being set by the private sector to increase transparency, reliability, and use of datasets essential for AI. Will data become labeled and tracked like food and art? How does private standard setting lay the groundwork for privacy conscious laws and regulations? Consider the immediate opportunity to provide your comments about AI and personal data privacy. The Data & Trust Alliance (dataandtrustalliance.org).
    Tune in to Episode 151 for analysis, as the world of data privacy spins toward 2024.

    Time stamps:
    00:59 — ADTs
    09:02 — The TSA is using biometrics
    13:47 — Data & Trust Alliance proposed Data Provenance Standards

    • 22 min
    Episode 150 — Nine Million Medical Records Leaked - How can victims find out what happened?

    Episode 150 — Nine Million Medical Records Leaked - How can victims find out what happened?

    Perry Johnson & Associates (PJ&A) provides medical transcription services to healthcare organizations. Its website states that it offers “secure HIT solutions,” using “multiple U.S. based, secure data centers for documentation storage and disaster recovery.” But in November 2023, PJ&A began informing about nine million people by individually sent letters that “between March 27, 2023 and May 2, 2023, PJ&A learned that an unauthorized party gained access” to its network and “acquired copies of certain files from PJ&A systems.”
    A November 2023 TechRadar report summarizes the background:
    “A total of 8.95 million individuals are affected, with the stolen data including full names, birth dates, postal addresses, medical records, and hospital account numbers. Furthermore, the hackers took admission diagnoses, as well as dates and times of service. In some cases, the hackers also stole Social Security Numbers (SSN), insurance and clinical information from medical transcription files, and names of healthcare providers - all of which would be more than enough to stage highly convincing social engineering attacks (phishing, identity theft, etc.) and could result in many class-action lawsuits.”
    How did a leading MedTech company respond to this cybersecurity incident? Tune in to learn how one podcast listener was informed by letter about the wrongful release of the individual’s medical information and sought details with no success. Consider how society must prepare better to address the aftermath of data breaches and what we can do collectively and individually to protect our most sensitive information.

    • 12 min

Customer Reviews

4.4 out of 5
14 Ratings

14 Ratings

lola 354 ,

Lola

Thank you! What a light in the maze of often mediocre privacy podcasts. Extremely relevant, regular expertise from the podcaster and the great guests he brings on. I like the breakdowns on tech too. My go to and would highly to industry folks and consumers alike.

ErmaTheLurker ,

Important Listen

In a world where privacy is nearly impossible, shows like this serve as a beautiful reminder. This is a must listen!

The Machine Pun ,

Great show!

Deffo recommend this show!

Top Podcasts In Technology

All-In with Chamath, Jason, Sacks & Friedberg
All-In Podcast, LLC
Acquired
Ben Gilbert and David Rosenthal
Search Engine
PJ Vogt, Audacy, Jigsaw
Lex Fridman Podcast
Lex Fridman
Hard Fork
The New York Times
TED Radio Hour
NPR