GDPR Now!

Current topics in GDPR and all things privacy.

About the show

GDPR Now! is a new podcast about GDPR and all things privacy. Published weekly/fortnightly, the host is joined by a range of fantastic guests to discuss the latest news, developments, and trends within privacy. Each episode will be devoted to a specific theme and will feature one or more experts talking about an issue of relevance to the industry. Whether you're a privacy expert, a privacy beginner or you just want to know more, this is the podcast for you!

Episodes

  • Episode 14: Privacy by Design

    November 27th, 2019  |  40 mins 12 secs

    Privacy By Design is one of the key elements of good data protection, and is made mandatory by Article 25 of the GDPR. But what does PbD mean in practice? In this podcast, we look at the key elements of PbD, discuss some actual use cases, and examine how to apply PBD on the ground.

  • Episode 13: Governance – what’s needed to run a good data protection regime?

    November 4th, 2019  |  44 mins 2 secs

    What are the building blocks of good data protection governance? In this broad-ranging discussion, we talk to James Leaton Gray about his assessment of current data protection in the UK, what it takes to run a good data protection regime, different target operating models, how different parts of the business need to work together, the evolving role of the DPO, privacy and privsec, common mistakes and – critically – how move the data protection regime up the value chain. Plus the opportunities open to organisations that manage to establish a relationship of trust with their data subjects.

  • Episode 12: Brexit!

    October 9th, 2019  |  37 mins 19 secs

    What do UK companies need to do if the UK crashes out of the EU? This podcast discusses the privacy implications for UK companies after October 31st and what they should be doing – now – to prepare for a hard Brexit.

  • Episode 10: Cookie Consent Software Reviewed! Part 1: What the Regulators expect

    October 1st, 2019  |  35 mins 54 secs

    Managing consent for cookies has become a key issue. In this two-parter, we look at what the regulators (and in particular the UK ICO) require in relation to cookies (Part 1) and then – in an industry first - review three industry leading consent management tools: Cookie Control, Cookiebot, and Cookie Pro (Part 2).

  • Episode 11: Cookie Consent Software Reviewed! Part 2: Cookiebot v. Cookie Control v. CookiePro

    October 1st, 2019  |  30 mins 10 secs

    Managing consent for cookies has become a key issue. In this two-parter, we look at what the regulators (and in particular the UK ICO) require in relation to cookies (Part 1) and then – in an industry first - review three industry leading consent management tools: Cookie Control, Cookiebot, and Cookie Pro (Part 2).

  • Episode 8: Third Party Cookies - ECJ lays down new rules in Fashion ID case

    September 17th, 2019  |  18 mins 14 secs

    In the Fashion ID case, the European Court of Justice decides that website owners are now joint controllers with the provider of the third-party cookie, and that website owners are responsible for issuing the privacy notices for third party cookies and for collecting any consents that are required. And, to make things a bit more complicated, the ECJ comes up with a new approach to analysing the data journey and who is the controller! All this and more in this episode of GDPR Now!

  • Episode 7: Cyber security - everything a DPO needs to know. Part 1.

    August 27th, 2019  |  1 hr 7 mins

    Cyber security isn’t usually the primary responsibility of the DPO, but you can’t be an effective DPO if you don’t understand the security regime in your organisation and the trade-offs behind them. In this episode, we look at cyber security: what does it really consist of? how best to think about it? and what are the most common areas of vulnerability?

  • Episode 6: Cyber insurance - everything you need to know

    August 15th, 2019  |  38 mins 32 secs

    Cyber insurance is key to managing data protection risks. In this episode, we take a look at how cyber insurance works, what risks it covers, and how best to buy it.

  • Episode 5: Cookies and the GDPR – ICO v CNIL

    August 5th, 2019  |  31 mins 4 secs

    Both the UK’s ICO and France’s CNIL have issued updated guidance on cookies. You would have thought that this is all old stuff, but the ICO’s paper comes hot on its Adtech paper where it stated that the UK industry does not understand the rules around cookies, nor the interrelationship between cookies and the GDPR. In this podcast, we take a look at the eprivacy directive and see to what extent it makes sense and can be reconciled with the GDPR. There are some surprises as it turns out that the CNIL has invented a new legal type of cookie. This podcast is essential listening for anyone who wants to use cookies, whether first party or third party.

  • Episode 4: Disproportionate, intrusive and unfair – the ICO report on ad tech and real time bidding – Part 2.

    July 22nd, 2019  |  23 mins 19 secs

    Part 2 of 2. In its recent paper, Update report into adtech and real time bidding, the ICO has set out a biting criticism of how real time bidding (RTB) currently operates in the UK. Although the ICO has stated that it will take another six months to investigate further, it is already clear that the ICO will intervene. It is no exaggeration to say that the ICO’s intervention is likely to have a bigger impact on this industry than the GDPR. To give some idea of scale: the worldwide spend of on digital advertising is expected to reach US$98bn in 2020. In Europe, the UK is by far the largest market, followed by Germany and then France (approx. US$15bn, US$8bn, US$4bn, respectively, in 2018).

  • Episode 3: Disproportionate, intrusive and unfair – the ICO reports on ad tech and real time bidding (Part 1).

    July 21st, 2019  |  44 mins 37 secs

    In its recent paper, Update Report into Adtech and Real Time Bidding, the ICO has set out a biting criticism of how real time bidding (RTB) currently operates in the UK. Although the ICO has stated that it will take another six months to investigate further, it is already clear that the ICO will intervene. It is no exaggeration to say that the ICO’s intervention is likely to have a bigger impact on this industry than the GDPR. To give some idea of scale: the worldwide spend of on digital advertising is expected to reach US$98bn in 2020, representing 68% of total expenditure on digital media advertising. In Europe, the UK is by far the largest market, followed by Germany and then France (approx. US$15bn, US$8bn, US$4bn, respectively, in 2018).

  • Episode 2: Subject access requests, personal data and the case of Rudd v Bridle with Ashley Winton and Laura Scaife.

    July 12th, 2019  |  53 mins 51 secs

    Dr Rudd served a subject access request on Mr Bridle, and was not satisfied with the information he received back. Amongst allegations of fraud and conspiracy, the issue went to court. Who was the controller, and did the journalism and regulatory exemptions apply? One of the key issues was – what is personal data? The judge reached a conclusion, but was he right?

  • Episode 1: GDPR One Year On - with James Leaton Gray

    June 24th, 2019  |  44 mins 51 secs
    breach, data protection, dpo, gdpr, governance, privacy

    A podcast about GDPR and all things privacy. The show is features a host, a guest, a topic and a discussion. Typically, it lasts between 30 and 45 minutes.