The Latest Data Protection & Cyber Security News – September 2024
The Data Protection Made Easy podcast is back with the latest news, challenges and insights into data privacy and cyber security.
This month, our hosts, Phil, Jasmine, and Joe, covered international data transfers, artificial intelligence, video recordings and more. Keep reading to see what you have in store.
Data Protection Made Easy: September’s Recap
Episode 185: GDPR Radio – Breaking Down Misconceptions on Meeting Recordings
Have you ever joined a call and only later noticed it was being recorded? As with all modes of data collection, you must give explicit consent – without it, the recording goes against your data subject rights.
Simply stating that you are recording a meeting does not constitute consent. You must give a clear and legitimate purpose and receive explicit consent before pressing record. This is particularly important for meetings covering sensitive personal data, which will require a DPIA.
In episode 185, our hosts cover key considerations and best practices for recording meetings to maintain data confidentiality. Listen in now.
Episode 186: Navigating International Data Transfers (Part One)
An international data transfer involves sending or transferring personal data from one country to another. These cross-border data transfers are common for global businesses, but they bring extra data privacy laws with them.
For this special episode, we invited Catarina Santos, our Data Protection Consultant, to discuss international data transfer challenges, such as non-compliance and potential data breaches.
Our host, Joe, focused on the importance of adequacy decisions, which are legal determinations that an international organisation or third country offers an ‘adequate’ level of data protection. We also covered real-life examples, including Uber’s 290 million Euro fine for a GDPR data transfer breach.
Hear from Catarina and our hosts in episode 186. Part two, which focuses on derogations, is available to listen to now.
Episode 187: GDPR Radio – AI, LinkedIn & CCTV
In our second GDPR Radio episode, our hosts discussed the latest data protection news, covering artificial intelligence (AI), CCTV recordings and cookie compliance.
Recently, LinkedIn has stopped using UK users’ data to train its generative AI models due to the ICO’s data privacy concerns. With AI considered an innovative technology, there is growing scrutiny over development and the risk of unlawful data handling.
Businesses must take a risk-based approach when using AI to maintain GDPR compliance. LinkedIn has since provided an opt-out option for users who do not want their data used for AI training. This measure, however, should’ve already been in place.
If your business is adopting AI, follow our six-step guide for ensuring compliance with the GDPR. For right now, listen to episode 187 for more expert insight.
Episode 188: Navigating International Data Transfers (Part Two)
Our final episode ended with a continued look at international data transfers. In part one, we focused on how international data transfer can only occur when a third country is covered by an adequacy decision (or has appropriate safeguards in place).
If the third party (the ‘data importer’) has no safeguards or adequacy decision, your business can rely on a ‘derogation’, which is an exception to international data transfer rules. In this episode, we went through the principles of using derogations and the ICO’s ten scenarios for handling overseas transfers without an adequacy decision.
With the help of our guest host, Catarina, we cover invaluable tips and insight for businesses working across borders. Listen to episode 188 today.
Subscribe to Our CPE Accredited Podcast
Did you know you can earn one CPE credit every time you listen in? With over 180 episodes, you have a complete library of data protection resources to tune into. Catch up on September’s episodes now and start earning credits from today!