Jason talks to Sharon Bauer, founder of Bamboo Data consulting. It is a niche privacy and security consulting firm that basically helps companies figure out how to foster trust and responsibly profit off the use of their data. Sharon's purpose is to empower businesses to make better decisions that will build sustainable privacy and security programs so that they can instil confidence in their customers, partners, and investors.

Episode Highlights

• 02.52: Data and monetization of private data came to be through companies like Google and Facebook.
• 06.07: Sharon explains how laws were first and foremost designed around the surveillance economy.
• 12.28: Sharon shares while setting up frameworks, what are the key best practice areas they look at. 
• 17.02: Sharon explains the importance of having a standard contractual clause.
• 19.20: Sharon talks about the misconception around data breach and how that happens.
• 20.22: The SEC passed the rule that basically requires everybody to be certified if they are going to be a vendor that is used by someone licensed by them.
• 26.33: If you are not going to respond to the liking of the individual or in a timely manner, they are going to go to the privacy commissioner.
• 29.30: Sharon highlights awareness and bringing awareness to employees and making them feel really empowered that they are doing the right thing and that they are trying to work with their existing processes. 
• 31.03: It takes 8 months to a year to truly implement a privacy program that is robust and operational.
• 35.06: Privacy is not always top of mind for all companies. It is a huge, endeavor to educate, educate, educate, and bring awareness so that.

3 Key Points

1. Sharon explains how explains privacy program is for companies. 
2. If you have a chat on your website, an AI tool or maybe not even an AI tool, but it is recording. There is a transcript recording that chat and you are collecting information from the EU or UK users. You need to seek explicit consent.
3. You need to make sure that the vendor that you are in business with also has good privacy and security practices and are not using that data for their own purpose.

Tweetable Quotes

• "It has become a highly profitable stream of revenue to basically harvest this data and utilize its direct ads and doing a number of other things." – Jason
• "If you are collecting personal information from residents in the EU or UK or in the US, or any other legislate or jurisdiction, you need to consider whether those regulations also apply." – Sharon
• "Most recently Facebook came under fire again because they were collecting personal information for the purposes of hitting ads at them instead of seeking explicit consent to do that, what they did was they embedded it in the terms of use terms of service." - Sharon
• "I feel so fortunate to be working in an industry that is very collaborative and everyone is so supportive of each other." - Sharon

Resources Mentioned

• Facebook – Jason Pereira's Facebook
• LinkedIn – Jason Pereira's LinkedIn
• Woodgate.com – Sponsor
• Podcast Editing

Hosted on Acast. See acast.com/privacy for more information.