Tag: Data Privacy

Categories
FCPA Compliance Report

FCPA Compliance Report – Jason Patel on Leveraging and Protecting Data

Welcome to the award-winning FCPA Compliance Report, the longest running podcast in compliance. In this episode, Tom Fox welcomes Jason Patel as they delve into the critical aspects of go-to-market security, market intelligence security, and customer privacy enforcement in today’s digital world.

 They discuss the importance of protecting businesses and customers’ experiences, leveraging data for security and marketing strategies, and ensuring compliance with privacy legislation like GDPR and CCPA. They highlight the services offered by Cheq.ai, a company specializing in go-to-market security, and stress the need for real-time compliance and a transparent approach involving various stakeholders. The conversation also explores the risks of relying solely on vendors for compliance and the impact of opt-in and opt-out strategies in data privacy. Looking ahead, they predict data privacy to be a leading issue, emphasizing the need for clear and explicit internet regulations to protect businesses and consumers.

 Key Highlights

·      Check: Go-to-Market Security and Customer Privacy Enforcement

·      Designing GDPR-compliant controls

·      Real-time compliance in data tracking

·      The Impact of Opt-In vs Opt-Out Strategies

·      The Future of Internet Regulations

Resources

Cheq.ai

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Data Driven Compliance

Data Driven Compliance: Jason Patel on Go-to-Market Security, Compliance, and Data Privacy: Safeguarding Business and Customers

Are you struggling to keep up with the ever-changing compliance programs in your business? Look no further than the award-winning Data Driven Compliance podcast, hosted by Tom Fox, which features an in-depth conversation around the uses of data and data analytics in compliance programs. Data-Driven Compliance is back with another exciting episode. The intersection of law, compliance, and data is becoming increasingly important in the world of cross-border transactions and mergers and acquisitions.

In this podcast episode, Tom Fox and Jason Patel delve into the critical aspects of go-to-market security, market intelligence security, and customer privacy enforcement in today’s digital world. They discuss the importance of protecting businesses and customers’ experiences, leveraging data for security and marketing strategies, and ensuring compliance with privacy legislation like GDPR and CCPA. They highlight the services offered by Cheq, a company specializing in go-to-market security, and stress the need for real-time compliance and a transparent approach involving various stakeholders. The conversation also explores the risks of relying solely on vendors for compliance and the impact of opt-in and opt-out strategies on data privacy. Looking ahead, they predict data privacy to be a leading issue, emphasizing the need for clear and explicit internet regulations to protect businesses and consumers.

Key Highlights:

  • Check: Go-to-Market Security and Customer Privacy Enforcement
  • Designing GDPR-compliant controls
  • Real-time compliance in data tracking
  • The Impact of Opt-In vs. Opt-Out Strategies
  • The Future of Internet Regulations

 Resources:

Cheq

 Tom Fox 

Connect with me on the following sites:

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Life with GDPR

Life With GDPR: Banking’s Data Dilemma – Farage’s Account Closure & the Risks of Data Breach

Tom Fox and Jonathan Armstrong, renowned expert in cyber security, co-host the award-winning Life with GDPR. The recent controversy surrounding Nigel Farage’s banking situation highlights the risks and compliance challenges faced by the banking industry in relation to data protection.

In this episode, Tom and Jonathan discuss the closure of Farage’s bank account with Coutts, a high-end bank owned by NatWest, and the potential data breach that ensued. They discuss the risks of internal emails being exposed through subject access requests (SARs) and emphasize the importance of caution in email communication. The conversation also explores the cost and consequences of non-compliance with GDPR obligations, particularly in relation to SARs. The potential legal implications for banks that violate their own policies or delete data that should be provided in response to a SAR are highlighted. Overall, the episode underscores the need for banks to prioritize data protection, compliance, and proper decision-making in the financial industry.

 Key Takeaways:

·      Nigel Farage’s Banking Controversy

·      Data Protection Risks in Banking

·      The Cost and Consequences of Subject Access Requests

·      Serious concerns about data protection and access to banking

 Resources

For more information on the issues raised in this podcast, check out the Cordery Compliance, News Section. For more information on Cordery Compliance, go their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clicking here.

Connect with Tom Fox

●      LinkedIn

Connect with Jonathan Armstrong

●      Twitter

●      LinkedIn

Categories
Blog

Navigating Go-to-Market Security and Data Privacy

I recently had the opportunity to visit with Jason Patel, with Cheq.ai, a global leader in go-to-market security. We had the opportunity explore the importance of protecting businesses and customers, leveraging data for marketing strategies, and complying with privacy regulations like GDPR and CCPA.

Patel believes that one of the top mistakes companies make is underestimating the extent of compliance regulations, such as GDPR, and only making surface-level changes. Compliance is a cross-functional requirement that affects operations, marketing, revenue, and customer engagement. It is crucial for businesses to take full responsibility for data protection instead of relying solely on vendors. Lack of visibility and control over data once it enters someone else’s servers is a genuine concern.

When it comes to safeguarding businesses and customers, it is important to have a technology solution that sits in the browser, monitoring data collection and data sharing partners. Such a solution takes into account both company policies and end users’ preferences regarding data tracking and sharing. The goal is to provide a transparent layer that seamlessly operates until a change or new partner needs to be introduced.

Real-time compliance is critical due to the speed of data collection and the need to adapt to evolving technologies and practices. Compliance in this area involves understanding and engaging with end users without resorting to invasive tracking methods. It is about respecting user choices and immediately stopping data collection when requested. This not only ensures compliance but also builds trust and loyalty with customers.

I took a deep dive with Patel into the refinement of laws and regulations regarding businesses and the internet. As the internet becomes an increasingly integral part of society, regulations are being addressed in the digital ecosystem. Clarity on data transfer and identification in the ad tech space is essential. Questions are being raised about how vital services on the web should be governed and managed. Striking a balance between trading data for services and avoiding excessive data trading is a key consideration. Monitoring of these initiatives are critical for any compliance professional in the data privacy space.

Complying with privacy regulations is one of the key challenges of digital marketing organizations in mind. The focus is on controls-driven workflows rather than procedural workflows to maintain efficiency and minimize risks. The gold standard for data privacy protection is GDPR, which shares similarities with other legislation such as the CPRA in terms of data usage, disclosures, and consumer rights. Complying with GDPR can already cover a significant portion of the requirements for other legislations, making it a crucial framework to follow.

Opt-in and opt-out strategies are debated in the United States. While opt-out is preferable for businesses, an opt-in approach, similar to the GDPR model, is more comfortable for end users. The opt-in approach sets up a good compliance posture and encourages meaningful engagement with users. Indeed this standard would appear to be what the rest of the world is moving towards. Technology standards are moving towards responding to consumer choices before legislation catches up.

I see data privacy as a leading issue in the next few years, even up to it being addressed more explicitly at the Board level. Enforcement actions for privacy regulations are only going  to increase. GDPR and CCPA are prime examples of privacy regulations that have been implemented. It is essential for both B2C and B2B businesses to prioritize customer privacy to build trust and maintain a competitive edge. By doing so, such businesses can create a true business differentiator for themselves and compliance professionals can build more trust within corporate organizations. Even if the US Congress continues to be unable to pass national data privacy standard, the EU example of GDPR will continue to be the gold standard for the world and the one to which companies should aim to comply with going forward.

In this insightful conversation Jason Patel and myself have explored the world of go-to-market security, market intelligence security, and customer privacy enforcement. We consider the importance of protecting businesses and customers, complying with privacy regulations, and respecting user choices. By focusing on real-time compliance and engaging with end users, a company can navigate the complex landscape of data privacy and security. As data privacy continues to gain prominence, it is crucial for businesses to stay informed, adapt to evolving regulations, and prioritize the privacy rights of their customers.

Categories
Data Driven Compliance

Data Driven Compliance: eCom Surveillance and Cybersecurity Data Management

Are you struggling to keep up with the ever-changing compliance programs in your business? Look no further than the award-winning Data Driven Compliance podcast, hosted by Tom Fox, which is a podcast featuring an in-depth conversation around the uses of data and data analytics in compliance programs. Data Driven Compliance is back with another exciting episode The intersection of law, compliance, and data is becoming increasingly important in the world of cross-border transactions and mergers and acquisitions.

Data has become much more ubiquitous and needs to be incorporated into business processes. AI data cleansing helps to reduce false positives and provides context to alerts generated by the system. AI capabilities are divided into three categories: removing duplicative content, detecting risk, and providing context. AI-powered data cleansing strips out non-human generated content and focuses on what was sent by an individual. This helps to lower false positives in alerts generated by the system.

The need for eCom surveillance is increasing as communication sources become more varied. Slack, Zoom, Teams, Bloomberg chat, and Ice chat are all becoming commonplace, and companies need to be able to capture data from these sources. Artificial intelligence and machine learning models are being deployed to empower a compliance officer to focus on what’s important and be risk-based. Companies that have been hesitant about the cloud are now moving their data to the cloud.

The amount of voice business that is happening over Zoom and teams and other voice channels has skyrocketed. Regulators have been very clear that you need to capture and record that voice data. Customers have asked for more and more data sources to capture, including audio. Compliance teams need systems to manage collaboration, case management tools, and review tools. Technology allows compliance teams to no longer use Excel or SharePoint to manage their own internal processes.

The combination of technology and compliance is transforming the industry. Artificial intelligence capabilities have come a long way in the past few years and are already good enough to provide a lot of value to customers. The innovation over the next few years will be on the defensibility front, proving defensibly why something was alerted on and why something else was not. Technology is available to capture every data source that’s out there, and it is essential for compliance teams to leverage this technology to remain compliant and competitive.

 Key Highlights

·      Ecom Surveillance

·      Cybersecurity Data Management

·      AI and Compliance

Resources:

 Tom Fox 

Connect with me on the following sites:

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Daily Compliance News

Daily Compliance News: July 12, 2023 – The US-EU Data Sharing Agreement Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen to the Daily Compliance News. All from the Compliance Podcast Network. Each day we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest for the compliance professional.

Stories we are following in today’s edition:

  • EU-US agree on data sharing pact. (NYT)
  • EU privacy advocates slam pact.  (BBC)
  • Max Schrems slams back, vows legal challenge.  (YaHooNews)
  • Challenges to data sharing pact likely.  (Reuters)
Categories
FCPA Compliance Report

FCPA Compliance Report – Maria D’Avanzo on Privacy Issues in the US and Beyond

Welcome to the award-winning FCPA Compliance Report, the longest-running podcast in compliance. Join Tom Fox, the host of FCPA Compliance Report, as he speaks with Maria D’Avanzo, Chief Evangelist Officer at Traliant about privacy issues in the US and around the world. Discover the challenges businesses face due to the lack of national law in the US, with multiple state laws led by California. Compare this to the EU, where GDPR has been in place since 2018, and similar laws have been implemented in other countries such as Singapore, Australia, and Brazil. Learn how GDPR has changed the way businesses handle privacy by making it a part of business processes. Discover the importance of consulting with a good outside counsel, especially for global privacy policy implementation.

Explore how to handle cybersecurity incidents and disclosure of information, as regulations on this topic are still developing. Hear from Maria on how to address these incidents internally and the importance of an incident response plan. Find out how collaborating with the Chief Information Security Officer is crucial in developing a specific plan for these incidents, including a group effort from various departments.

Hear about instances where organizations share confidential information or data, leading to legal backlash and damage to reputation. This section discusses the Tesla case and suggests a broader conversation about company culture may be necessary to prevent such privacy infringements. Don’t miss out on this insightful podcast and tune in now to get important insights into privacy and cybersecurity from two industry experts!

Key Highlights

·      The Evolution of Privacy Issues Post-GDPR

·      Navigating Privacy Laws and Meeting Legal Standards

·      Cybersecurity Incident Disclosure Decision Making

·      Importance of Cybersecurity Incident Response Plan

·      The Impact of Sharing Sensitive Information

Resources

Maria D’Avanzo on LinkedIn

Traliant

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
From the Editor's Desk

February and March in Compliance Week

Welcome to From the Editor’s Desk, a podcast where co-hosts Tom Fox and Kyle Brasseur, EIC at Compliance Week, unpack some of the top stories which have appeared in Compliance Week over the past month, look at top compliance stories upcoming for the next month, talk some sports and generally try to solve the world’s problems.

 In this month’s episode, we look back at top stories in CW from February around the changes in DOJ efforts to encourage corporate cooperation and compliance and; the Treasury Department’s renewed enforcement efforts against banks for violations of OFAC Regulations. We previewed some of the stories CW will look at in March, including several articles about data privacy in the US and Europe in a CW special issue.

Kyle relates some of the upcoming Compliance Week 2023 Conference highlights from May 15-17 in Washington, DC. Listeners of this podcast will receive a discount of $200 by using code TF200 on the link below.

 We conclude with a look at some of the top sports stories, including a recap of the Super Bowl, the insanity of the NBA trading deadline, and the opening of Spring Training.

 Resources

Compliance Week 2023 information and registration here

Kyle Brasseur on LinkedIn

Compliance Week

Categories
From the Editor's Desk

January and February 2023 in Compliance Week

Welcome to From the Editor’s Desk, a podcast where co-hosts Tom Fox and Kyle Brasseur, EIC at Compliance Week, unpack some of the top stories which have appeared in Compliance Week over the past month, look at top compliance stories upcoming for the next month, talk some sports and generally try to solve the world’s problems.

In this month’s episode, we look back at top stories in CW from January around the changes to the DOJ Corporate Enforcement Policy, the Ireland DPC fine against Meta, and the always-interesting Inside the Mind of the CCO series. We previewed some of the stories CW will look at in February, including several articles about data privacy in the US and Europe.

We conclude with a look at some top sports stories, including the NFL playoffs and the Carlos Correa contract situation.

Resources

Kyle Brasseur on LinkedIn

Compliance Week

Categories
The ESG Report

Data Privacy and ESG with Dan Frechtling

Tom’s guest in this episode of the ESG Report is Dan Frechtling of Boltive, a company that helps keep the Internet safe from invasive media and enforces data privacy. Data privacy and cybersecurity are ESG issues because they are significant drivers of business risk and a growing concern among investors and CEOs. The public costs of poor corporate cybersecurity management are increasingly viewed as market failures.

Dan is the CEO of Boltive. His career began as a marketer, and he has spent years learning the power of marketing. Having experienced a significant event that changed his perspective about hyper-targeting and information sharing, he transitioned to cybersecurity where he learned about data privacy issues. 

 

Here are some key points Dan and Tom talk about:

  • Dan talks about his professional journey and background and his role at Boltive.
  • Dan defines invasive media and describes the protection his company provides against it. 
  • Dale explains how Boltive’s solution for invasive media protects the audience from malware, redirects, and other malicious behaviors, by replacing them with revenue-generating ads.
  • Compliance with terms of service and user experience is key in order for these solutions to work, Dan tells Tom.
  • In cybersecurity, the intermediaries and third parties are often creating noncompliant and bad user experiences. Boltive solves this by creating a synthetic user experience so each step is recorded and traceable to see what went wrong.
  • Knowing and identifying if your inventory is sensitive and understanding the flow of data makes complying with ever-changing privacy regulations easier. 
  • Dan explains why the digital ad ecosystem is so convoluted and the potentially harmful effects on customers.
  • Dane highlights some of the compliance issues with online marketing. 
  • GDPR is the gold standard when it comes to privacy and data protection, but state laws should also be followed when they are more stringent than GDPR.

 

KEY QUOTE:

“Invasive advertising can really be many different forms and we see our role to protect brands and publishers and technology platforms so those ads don’t get inadvertently served, because the world of programmatic advertising is very lawless and algorithm-driven.” – Dan Frechtling

 

Resources 

Dan Frechtling LinkedIn | Twitter 

Boltive