Siste episoder av Deep Dive into Data Privacy podcast

1. AI vs GDPR: Insights from EDPB Opinion 28/20418.12.2024 (00:20:59)

   AI is transforming industries, but it’s also raising complex questions about data protection and privacy. EDPB Opinion 28/204 provides guidance specifically for GDPR practitioners dealing with AI. 00:00 Introduction to AI and GDPR 00:33 Understanding Anonymity in AI Models 01:53 Framework for Determining Anonymity 03:30 Practical Steps for GDPR Compliance 06:16 Exploring Legitimate Interests 07:19 The Three-Step Test for Legitimate Interests 10:18 Navigating Legitimate Interests 10:34 Understanding the Balancing Test 11:17 Risks and Rights in AI Data Processing 14:59 Mitigating Measures for Data Protection 17:16 Web Scraping and Data Protection 18:24 Consequences of Unlawful Data Processing 20:13 Key Takeaways for GDPR Practitioners

2. Overview of International Data Transfers Rules under GDPR23.10.2024 (00:15:07)

   This episode explores the complexities of international data transfers under GDPR, detailing the criteria established by the European Data Protection Board. It outlines the three criteria to determine when data crossing EU borders qualifies as a transfer under Chapter V of GDPR, along with discussions on adequacy decisions, the EU-US Data Privacy Framework, and practical applications of standard contractual clauses (SCCs). Binding corporate rules (BCRs) and limited exceptions, or derogations, are also explained as methods for legitimate data transfers without adequacy. 00:00 Introduction to International Data Transfers 00:34 Understanding GDPR's Transfer Criteria 01:36 Real-World Examples of Data Transfers 02:08 When Transfers Don't Count 03:23 Green Lights for Data Transfers: Adequacy Decisions 04:00 The EU-US Data Privacy Framework 05:34 Safeguards for Data Transfers 05:49 Standard Contractual Clauses (SCCs) and Binding Corporate Rules (BCRs) 07:20 Exceptions and Derogations 11:47 The Importance of Documentation 13:00 Risk Awareness and Conclusion

3. Trailer to Overview of International Data Transfers Rules under GDPR21.10.2024 (00:00:32)

   Our next episode explores the complexities of international data transfers under GDPR, detailing the criteria established by the European Data Protection Board. It outlines the three criteria to determine when data crossing EU borders qualifies as a transfer under Chapter V of GDPR, along with discussions on adequacy decisions, the EU-US Data Privacy Framework, and practical applications of standard contractual clauses (SCCs). Binding corporate rules (BCRs) and limited exceptions, or derogations, are also explained as methods for legitimate data transfers without adequacy.

4. Consent or Pay Opinion by EDPB17.10.2024 (00:23:56)

   This episode covers the increasing prevalence of consent or pay models in online platforms and the recent opinion issued by the European Data Protection Board (EDPB) addressing this issue. The discussion includes what it means for consent to be freely given in today's digital landscape, especially when data sharing becomes necessary to access essential digital services. The EDPB emphasizes the importance of offering genuine alternatives, the challenges of large platforms holding significant power, and the ethical considerations surrounding data privacy. The episode also highlights the EDPB's call for clarity, fairness, transparency, and the implications for both users and companies in the digital age. 00:00 Consent or Pay Opinion 03:16 Exploring Alternatives and Fairness 04:58 The Role of Transparency and User Control 07:14 Challenges in Enforcing Privacy Rights 09:08 Implications for Companies and Users 10:43 Conclusion and Future Considerations

5. Fasion ID Case13.10.2024 (00:09:26)

   Ever seen that Facebook like button on websites? What seems like harmless snippet could be sending your data into a legal maze. This episode breaks down the Fashion ID case and explains how it sent shock waves through the data privacy world. From joint controllership to legitimate interest vs. explicit consent, we unpack the complex issues this case brought to light, including the impact on those pesky cookie banners. Buckle up as we explore how this case set a precedent for data privacy in the digital age.

6. Audio review of EDPB Opinion 22/202413.10.2024 (00:11:03)

   In this episode we are discussing the fresh opinion of EDPB 22/2024 on certain obligations following from the reliance on processor(s) and sub-processor(s). Learn how to get those "sufficient guarantees" (and what that actually means), why international transfers get tricky, and how the "unless clause" could be a problem. Read and download this opinion on the official EDPB website here

7. Breaking down New Guidelines on Legitimate Interest 202412.10.2024 (00:23:56)

   New EU guidelines on legitimate interest and what they mean. Our AI-hosts break down the legal jargon into plain English, explore real-world examples, and explain how these guidelines impact people's digital life! Listen now to learn the EDPB approach to data minimization, the balancing test, and the right to object. Plus, we cover how these rules apply to fraud prevention, direct marketing, and protecting children online. You can download and read the new EDPB Guidelines yourself here

8. GDPR Aware Handbook06.10.2024 (00:13:14)

   Think GDPR is just corporate jargon? Think again! This episode breaks down exactly what GDPR means for YOU, from its core principles to how it actually protects your data. We'll unpack your rights, how to hold companies accountable, and real-world examples of GDPR in action. Get ready to take charge of your digital life! Links: GDPR Aware Handbook by Siarhei Varankevich CIPP/E, CIPM, CIPT, FIP: https://data-privacy-office.eu/usefull-materials/gdpr-aware-handbook/

9. Book Review: The Privacy Engineer’s Manifesto05.10.2024 (00:25:06)

   Ever feel like you're clicking "agree" online without knowing what's happening behind the scenes? We break down the Privacy Engineer's Manifesto and how it aims to build real-world data protection into the systems we use everyday. From minimizing data collection to respecting user control, we explore what's needed to make privacy a reality, not just a promise.

10. GDPR Data Privacy Manager04.10.2024 (00:06:06)

    Tired of Surface-Level Data Privacy Training? This episode explores DPO Europe's Global Data Privacy Manager course and why it's different. We break down how this course goes beyond the basics to help you take action, build a program, and become a confident leader in data privacy. If you're ready to move past the "now what?" and tackle real-world challenges, tune in!

11. About GDPR DPP04.10.2024 (00:12:35)

    Starting your privacy journey? This episode unpacks the essentials of GDPR: why it matters, how it works, and what it means for your career. We'll explore real-world scenarios, practical skills, and why this training is key for any aspiring privacy pro. Links: GDPR DPP Training - https://data-privacy-office.eu/courses/gdpr-data-privacy-professional/

12. AI Regulation Training04.10.2024 (00:05:58)

    The EU AI Act is a game-changer. We break down what this groundbreaking law means for your work, how the EU categorizes AI risk (from harmless to high-risk), and the Act's potential global impact. Don't miss this crucial look at the future of AI and privacy.

13. Future with AI Act04.10.2024 (00:14:55)

    What happens when the EU decides to regulate AI? We break down the groundbreaking EU AI Act - why it matters (even if you don't build robots!) and how it aims to keep humans in control. We explore everything from "totally cool" AI to the "no-go zone," plus what it means for innovation and why this Act is just the beginning of AI's story.

14. GDPR Consent and Device Fingerprinting04.10.2024 (00:07:18)

    Ever feel like you're clicking "agree" online without really understanding what you're signing up for? The EU feels the same way. In this episode, we explore how the EU is tackling data protection in the digital age. From those pesky cookie banners to the stealthy world of device fingerprinting, we break down what's at stake and how the EU is fighting to give you back control of your data. Join us as we unpack the EU's e-Privacy Directive, its upcoming revamp, and what it all means for you. Get ready to become a more informed and empowered digital citizen.