Peter Craddock joins us once again to discuss the recent EDPS v Single Resolution Board decision by the Court of Justice of the EU. Although it builds on the previous Scania and Breyer cases to settle on the “relative” nature of personal data, its practical implications on everything we do in the Marketing Technology and digital advertising spaces cannot be overstated.

Peter is a lawyer as well as a software developer. He is based in Brussels, heads the EU Data/Cyber/Tech Law team at Keller & Heckman, and helps international companies with their global data strategy and with EU data litigation.

References:

* Peter Craddock on LinkedIn

* When is data no longer personal? And what are the implications? (Peter Craddock)

* EDPS v. SRB (full text of the decision)

* Peter Craddock: ePrivacy exceptions, advertising, analytics, the limits of consent and server-side processing (Masters of Privacy, 2024)

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Meaghan Henderson started off as a litigation attorney in Los Angeles, subsequently joining Snap Inc.’s Trust and Safety operations. She is now Global Head of Privacy at iRobot (makers of the ubiquitous Roomba, a robotic vacuum cleaner).

We have gone over the many tasks that Meaghan has managed (and regularly manages) to accomplish as a one-person team: rolling out a full privacy program, raising internal awareness, coordinating with security teams, complying across multiple jurisdictions, and being part of the AI governance committee.

References:

* Meaghan Henderson on LinkedIn

* Generally Accepted Privacy Principles (GAPP)

* ISO/IEC 27701 (program maturity over time)

* Fair Information Practice Principles (FIPPs)

* NIST Privacy Framework

* OECD Privacy guidelines

* Amazon and iRobot agree to terminate pending acquisition

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Who can really claim to be a privacy engineer? Does this change in the digital marketing arena? What is the winning formula to integrate this role within the company’s privacy practice?

Thomas Ghys has worked as a management consultant, data scientist, and data strategist, including a 5-year stint at McKinsey, prior to setting up his own privacy engineering practice. He has deep expertise in MarTech and AdTech, auditing traditional machine learning models and data flows. He is also the founder and CEO of Webclew, a tool that helps with the auditing of websites and mobile apps.

References:

• Thomas Ghys on LinkedIn
• Webclew: scanning websites and apps for privacy risks
• CNIL: a focus on mobile SDKs, announcing enforcement actions in 2025
• Thomas Ghys: BAPD expectations for cookie compliancy unattainable for most publishers
• Dr. Augustine Fou: dismantling marketing attribution, ad fraud controls, and the business case for third-party cookies (Masters of Privacy, February 2024)

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Sandy Tsakiridi is a ​​dual-qualified Senior Legal Counsel in HSBC's global Data Privacy team. As part of her responsibilities, she provides advice on privacy-related matters, including privacy risk management across all customer-facing lines of business and internal functions of the HSBC Group. Prior to her current role, Sandy worked as an external legal counsel in leading international law firms and one of the Big Four in Brussels and London. 

Sandy holds a Bachelor and four postgraduate degrees in law from University College London (UCL), the London School of Economics & Political Science (LSE), Université Paris 1 - Panthéon Sorbonne and the Brussels School of Competition. She is an Advisory Board Member of the International Association of Privacy Professionals (IAPP).

We cover, in this order:

• What can we expect from the upcoming EU Artificial Intelligence Act? 
• What does it take to deploy an AI Governance Framework in the Financial Services sector?

References:

• Draft EU AI Act
• Sandy Tsakiridi on LinkedIn
• Recorded contents of the Legal AI Summit (Sandy was a speaker in 2022)
• Upcoming changes to UK Data Protection laws

 

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Brendan Quinn (Esq.) is a qualified Irish Solicitor, New York Attorney, and Fellow of the Chartered Certified Accountants (FCCA), holding an LL.M from University College Dublin and Higher Diplomas in Computer Science and Data Analytics, as well as a postgraduate in Financial Technology. He is also the author of Data Protection Implementation Guide: A Legal, Risk and Technology Framework for the GDPR (Wolters Kluwer, September 2021). 

Among other things, our guest helps innovative software companies in their compliance with Privacy by Design and data security requirements, including data anonymization research and DPIAs.

We cover, in order:

• Things that tend to be missing in Data Protection Impact Assessments (DPIA)
• New avenues for GDPR enforcement stemming from the Whistleblower Directive and the Collective Redress Directive
• Interplay between the GDPR and data protection provisions contained in the new Digital Services Act and Digital Markets Act.

References:

• Data Protection Implementation Guide: Discount code for 25% off on the Wolters Kluwer website (valid until December 31st 2022): 25EOY2022
• Brendan Quinn on LinkedIn
• EU Whistleblower Directive
• EU Collective Redress Directive

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

With Nina Müller, Ethical Commerce Alliance Director and host of the Ethical Allies podcast.

References:

• Full Newsroom (Fall 2022)
• Tara Taubman-Bassirian on the Instagram fine
• Peter Hense on valid consent
• Cory Underwood on Google Analytics and Sephora
• Derek A. Lackey on Joe Biden’s Executive Order (a marketer’s perspective)
• Stephan Grynwajc on Joe Biden’s Executive Order (a lawyer’s perspective)

Selected updates: 

Enforcement

Starting with Europe, the most discussed recent case, and perhaps the most complex, is Ireland’s 405m EUR fine to Meta for the manner in which it exposed contact details for 13-17 year olds on Instagram business accounts. At its core: the European Data Protection Board (EDPB)’s intervention to find a compromise between the Data Protection Commissioner (leading supervisory authority for most US tech giants) and other Data Protection Agencies accusing it of resting on its laurels. 

Perhaps even more relevant to the interplay that we mostly care about (MarTech/AdTech + Privacy) was the French DPA’s announcement of a potential 60m EUR fine for Criteo. All hints point to a lack of proper oversight in the obtention of valid consent through publishers and advertisers. The role of these two was instrumental in building what the company had once claimed were “IDs and interests for 72% of all internet users”, so this case could bring us full circle into the Consent Management Platforms debate and whether they can be relied upon. All in all, it is no wonder that Criteo has moved firmly into first-party data territory, now calling itself a Commerce Media platform. 

The Digital Analytics space got its own share of excitement too. Denmark became (with Austria, France, and Italy) the fourth country to make it clear that Google Analytics breached the GDPR unless additional measures are taken. As explained in detail by France’s CNIL, the only way to avoid scrutiny was using a reverse proxy (a company’s own EU-based server, filtering out important pieces of information prior to forwarding calls to Google’s servers). As many will remember, this was only the tip of the iceberg of the 101 complaints filed by NYOB against companies using either Google Analytics or the Facebook pixel. 

Next in line was TikTok, quickly catching up with Meta/Facebook and Google in terms of privacy violations, penalties, privacy lawsuits and privacy-related scandals. Its latest trophies: the UK’s DPA (ICO)’s proposed 27m GBP fines for its mishandling of children’s data (they were allowed to sign up without parental consent, information provided was insufficient, and special categories of data were being processed), a 92 million settlement in Illinois (under the State’s Biometric Information Privacy Law on which every major social media platform has stumbled before) and recent coverage of the manner in which its tracking pixels follow everyone around the web.

Legal updates

It may not be a new law or court case, but Joe Biden’s Executive Order to make room for the EU-US Data Privacy Framework (Privacy Shield 2.0) is the biggest piece of news on this front. All going well in Brussels, it could put an end to the nightmare currently faced by the millions of customers of US-based SaaS MarTech and AdTech solutions that happen to process data on US soil, including Google Analytics, Mailchimp, HubSpot, or Salesforce Marketing Cloud. 

For its part, the UK wants out of the GDPR and this could actually result in a more dynamic environment (it relied on an Oxford University research that claimed that the GDPR is costing UK businesses 8% of their profits). For one thing, they are proposing to let small businesses get on with their lives. 

Future of media

Elon Musk completed his acquisition of Twitter, announcing monthly charges to its heaviest users - starting with those displaying a “verified” blue icon, who happen to be the ones caring the most about the status their identity or following confers to them. This was criticized as a “misinformation nightmare”, in very timely Halloween fashion. 

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Stephan Grynwajc is admitted as a lawyer in the EU, the UK, the US and Canada, having worked as a privacy practitioner and DPO in both Europe and North America for the last 20 years. His own law firm offers external DPO services to EU/UK and US/Canada-based companies. Stephan is also a partner specialized in international privacy at Outside GC, a bicoastal US law firm.

Stephan publishes regularly on various privacy topics, including for the IAPP Privacy Advisor. He is also an Adjunct Professor on privacy and data protection at various universities.

References:

• Privacy at the Crossroads: A Comparative Analysis of Regulation in the U.S., the EU and Canada
• Joe Biden’s Executive Order
• Summary of Privacy laws in Canada
• Law Office of S. Grynwajc (and LinkedIn Page)
• Outside GC
• IAPP Privacy Advisor

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Derek A. Lackey is Managing Director of Newport Thomson, a Privacy Agency based in Toronto. With more than 30 years of marketing, advertising and privacy experience, he is focused on data protection & privacy and its effect on the brand. Derek is the author of “CASL Compliance: A Marketer’s Guide to Email Marketing to Canadians”, and looks to simplify the implementation of new data management practices within organizations. 

This will be the first of two separate perspectives on the basic premises that make EU-US data transfers so difficult (in the aftermath of Joe Biden’s Executive Order paving the ground for the Data Privacy Framework). We will also get a first impression of the Canadian scenario as an interesting blend of both approaches.

References:

• Newport Thomson
• Derek A. Lackey on LinkedIn
• Joe Biden’s Executive Order
• Max Schrems’ first reaction to the EO
• CASL Compliance: A Marketer’s Guide to Email Marketing to Canadians

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Peter Hense is a partner at Spirit Legal, Germany. He specializes in data privacy litigation, particularly in the area of Advertising Technology.

In this episode we discuss the uselessness and potential demise of Consent Management Platforms (CMPs) in a first-party data future. We will also touch on Data Clean Rooms and whether they actually deserve the label.

References: 

• Peter Hense on Twitter
• Spirit Legal
• Introductory article (Sergio Maldonado)
• Brave’s announcement: Automated removal of consent pop-ups
• Consent-O-Matic: OneTrust files patent to circumvent CMP blockers (Vice Media)
• Tilman Herbrich on Data Clean Rooms

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Tara Taubman-Bassirian is a French lawyer specialized in Privacy, Internet law and Intellectual Property. She is a published author, for many years raising awareness of privacy, data protection and cybersecurity issues. Tara has also launched an initiative, Fly A Kite, to raise cybersecurity awareness especially to keep kids safe online. She also holds an LLM from Queen Mary University. 

References:

• EDPB’s binding decision on the Instagram case
• Instagram’s 405m EUR fine
• Tara’s website: Datarainbow
• Tara on LinkedIn

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Cory Underwood combines in-depth technical expertise in the MarTech and Analytics space with a thorough understanding of the ePrivacy legal framework. He has hands-on experience in Distributed System Design, A/B Testing, Tag Management or Analytics - and writes extensively about the intersection of digital analytics and cross-border privacy compliance.

References:

• Cory Underwood’s blog
• Global Privacy Control
• Sephora settlement 
• CNIL’s suggestions for a GDPR-compliant Google Analytics deployment
• California Age-Appropriate Design Code Act
• American Data Privacy and Protection Act

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Mike J. Schmidt has extensive experience as an Advisor and Solutions Architect working worldwide in Identity Access Management (IAM), Data Privacy, and AI. He was one of the founders of MyData Global’s Canada Hub and has recently relocated to Spain.

Together we are revisiting a few key topics: personal agency, identity, informed consent, MyData Operators, and AI.

References:

• Celine Takatsuno on MyData business models 
• Paloma Llaneza on Consent Commons (Spanish)
• MyData 2022
• MyData Operators
• Privacy Identity Protection Service

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Hi again! We are bringing our regular “Newsroom” updates to this channel, covering quarterly news on five particular topics: 

• ePrivacy and regulatory framework
• MarTech and AdTech in a Privacy-First world
• Competition and digital markets
• Zero-Party Data and Customer Centricity
• The future of media

We will add relevant links on a subsequent blog post. Please find more information and resources on mastersofprivacy.com 

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Can we shift the focus from documentation to technical implementation? How can we bridge the cultural differences between legal teams and engineers? What do we mean with open-source data classification?

We are joined by Cillian Kieran, Ethyca’s CEO and founder, in a new installment of our Privacy Tech series. Cillian is a serial entrepreneur and seasoned privacy engineer with two decades of experience leading data-intensive businesses. He combines deep technical expertise with a track record of building and scaling companies, including a global digital agency serving Fortune 500 clients. 

References:

• Fides: the open source language for data privacy
• Cillian Kieran on LinkedIn
• Ethyca
• Max Anderson (Ketch): Privacy Tech spotlight I – the future of CMPs, value vs. hype in privacy compliance SaaS (Masters of Privacy, April 2025)
• Daniel Barber (DataGrail): Privacy Tech spotlight II – widespread non-compliance, opt-out challenges, and shadow AI (Masters of Privacy, May 2025)

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Maciej Zawadziński is an AdTech and MarTech expert, founder of several successful companies and online privacy rights advocate. Striving towards more conscious data use and a healthier digital advertising ecosystem, Maciej is currently devoting his knowledge and skills to developing Piwik PRO – a privacy-focused analytics platform, the perfect alternative to Google Analytics.

 

We have debated the immediate consequences of recent developments concerning the use of Google Analytics in the European Union, as well as other important topics for Marketing Technology and Digital Analytics professionals: valid consent, sample sizes, the avoidance of cookie banners altogether, and the future of data-driven marketing.

References:

• Maciej on Twitter
• Marketing, Technology, and Privacy: Forecast for 2022
• Austrian decision on Netdoktor’s use of Google Analytics
• CNIL’s guidelines to avoid cookie banners when using web measurement tools (FR)

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Celine Takatsuno is our most recent addition to the PrivacyCloud team. We have asked her to help us understand the current status of the various business models falling under the umbrella of a set of principles that the MyData Global organization has come to embody: human-centric control of personal data, individual empowerment, transparency, interoperability, etc. 

More specifically, we have gone through the same list I had put together in a 2019 article, “MyData Business Models”: Privacy Enhancement Tools, User Rights Management platforms, Self-Sovereign Identity tools, Personal Data Stores, Brand Relationship Management tools, Declared Data Platforms, Attention Management and survey-based market research tools, and Personal Data Marketplaces. 

About M Celine Takatsuno

Celine's been working in data, technology, and privacy spaces for more than a decade.

Before joining us at PrivacyCloud, she was working on a couple of personal data projects, one in healthcare and one in e-commerce.

She's founded three startups, consulted with a dozen more in media, marketing, and 'tech for good', and early on, led business and strategy teams for industry pioneers like Commission Junction.

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

As an answer to the obvious legal challenges of ID-based, cross-media deduplication (currently greater than those faced by third-party cookies), Google Chrome’s Privacy Sandbox, and its related W3C Working Group, provides a framework for advertisers and publishers to leverage a browser-level interest graph while preserving anonymity, through the use of aggregate data and minimum audience thresholds. As key drawbacks, there is little control on the consumer side, and local storage could result in data leaks when coexisting with either shared-identity, third-party cookies, and platform-specific IDs or walled gardens.

We will address these and other issues from a legal perspective (ePrivacy + GDPR, mostly), and your humble host (Sergio Maldonado) will be on his own for this particular mission.

References:

• The State of Cookieless (on Medium)

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Gabriela Zanfir-Fortuna is a Senior Counsel for Global Privacy and EU data protection law at the Future of Privacy Forum and former legal officer for the EDPS (Brussels). She holds a PhD in data protection law.

References:

• Dr. Gabriela Zanfir-Fortuna on Twitter
• Proposal for an EU Regulation on Artificial Intelligence 
• Japan’s Personal Information Protection Commission
• Kenya Data Protection Act (PDF)
• Brazilian Data Protection Law (as translated into English and made available by the IAPP)
• South Africa’s Data Protection Law (POPIA), as summarized by the National Law Review

Training courses at the Future of Privacy Forum: Understanding Digital Data Flows

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Lisa LeVasseur is an MBA technologist with a background in Computer Science and Philosophy. Lisa began strategic work in cellular telecom industry standards in the late ‘90s while at Motorola. Since then, she has participated in 3GPP, 3GPP2, MEIF, WAP Forum, IETF, W3C, IEEE and Kantara Initiative. 

The Me2B Alliance is setting the standard for respectful technology. It is backed by a group of software engineers, policy analysts, UX experts, business and philanthropic leaders who are committed to giving individuals more say in how technology treats people.

References:

• Me2B Alliance
• Me2B Principles and explanatory video 
• Lisa LeVasseur on LinkedIn
• Digital Harms Dictionary

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Katharina Weimer is a partner in the privacy team of Fieldfisher and located in the Munich office. She has been advising her clients in the data protection landscape for more than 12 years with a focus on international companies.

 

Kirsten Ammon is a lawyer of Fieldfisher's IT and privacy team in the Hamburg office. She develops practical privacy solutions for her clients that are mainly located in Europe and the US.

 

References:

• Latest draft of the EU ePrivacy Regulation (EU Council mandate, February 10th 2021) 
• EDPB’s Statement 3/2021 on the ePrivacy Regulation (European Data Protection Board, March 9th 2021)
• Planet 49 ruling (Court of Justice of the European Union, October 2019)
• Katharina A. Weimer LL.M. (Fieldfisher)
• Kirsten Ammon (Fieldfisher)

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Jodi Daniels is Founder and CEO of Red Clover Advisors, a privacy consultancy helping companies from startup to Fortune 100 create privacy programs, build customer trust and achieve GDPR, CCPA, and privacy law compliance. Jodi as a Certified Informational Privacy Professional and serves as the outsourced privacy office for companies.

References:

• Red Clover Advisors
• Jodi Daniels on LinkedIn
• International Association of Privacy Professionals
• California Consumer Privacy Act

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Sille Sepp serves as the Programmes Lead for MyData Global, an international nonprofit aiming to empower individuals by improving their right to self-determination regarding their personal data.

With a background in Sociology and Urban Governance, Sille is especially keen to explore the MyData concept in the urban context, and the implications of digital technologies and the data economy on society.

References:

• Sille Sepp on Twitter
• MyData Global Declaration
• EU Data Governance Act

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Elizabeth Renieris is the Founding Director of the Notre Dame IBM Technology Ethics Lab, a Technology and Human Rights Fellow at the Carr Center for Human Rights Policy at the Harvard Kennedy School, and a Fellow at Stanford's Digital Civil Society Lab. She's an expert in cross-border data governance, and the ethical and human rights implications of emerging technologies.

References:

• Elizabeth Renieris on Twitter
• Notre Dame IBM Technology Ethics Lab
• Harvard’s Carr Center for Human Rights Policy
• Stanford’s Digital Civil Society Lab
• Laura DeNardis, The Internet In Everything, Freedom and Security in a World with No Off Switch
• Sun-ha Hong, Technologies of Speculation

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Julian Wilson began his career at Apple in the late 80s. Here he worked on projects such as the world's first set top box, hybrid CD / internet games console and as part of the team who introduced Newton [arguably the forerunner to the iPhone].  

He left Apple to join ATT in 1996, where he conceived and built a digital cash payment service for mobile phones based on smart cards.  In 1999 after raising $5m from US venture capitalists and the Dutch Government, Julian led a management buyout of this technology to create SmartAxis BV.  After two more Internet start-ups focused on identity and mobile data, Julian joined Barclays engineering team in late 2013, where amongst other things he and a colleague submitted global patents for modification to the bitcoin protocols / blocks of crypto currency.  

Julian joined Ecospend in 2019 to build a self-sovereign data service on top of an Open Banking platform. He describes his role as putting an Internet lens onto product design.

References: 

• Julian Wilson on LinkedIn
• Ecospend
• EU Payment Services Directive (PSD2)
• Solid

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

It is time for a seasonal update at the intersection of Marketing, Data, Privacy and Technology. We are today covering the first four of our usual five blocks: ePrivacy & regulatory updates; MarTech & AdTech; AI, Competition and Digital Markets; PETs and Zero-Party Data. 

All references and links can be found in this episode’s blog post: Masters of Privacy.

Allow us to thank two people in advance for their routine work in breaking down the news across some of the topics and jurisdictions covered here: Robert Bateman and his Privacy Corner and Federico Marengo with his Privacy and AI newsletter.

Also, an important disclaimer: the voice that joins me today is a text-to-speech output generated with Eleven Labs.

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Andrés Arrieta is Director of Consumer Privacy Engineering for the Electronic Frontier Foundation (EFF), where he oversees projects and tech policy like blocking trackers online when you browse. He is also an advocate for better privacy, cybersecurity, and fair competition. 

References:

• Privacy Badger
• Electronic Frontier Foundation
• Privacy Sandbox (Chromium)
• Global Privacy Control

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Gam Dias is a partner at 3PointsDIGITAL, part of the MSQ Group of Digital Agencies, where he is growing the Data Strategy and Personal Data practice. Gam previously co-founded e-commerce consultancy First Retail, and prior to that was Head of Data Strategy at Aviva Insurance. He is also an associate professor at IE Business School.

 

Gam has been an active member of the MyData Madrid community since its inception in late 2019, and we use our past debates as a starting point, eventually touching on a few hot topics: personal agency, privacy vs convenience, personal data stores, and reinventing digital marketing. 

References:

• The Laws of Simplicity, by John Maeda
• MyData Madrid on Meetup.com and Twitter
• 3PointsDIGITAL
• Gam Dias at IE Executive Education

Visit our website for further information: www.mastersofprivacy.com 

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Alessandro De Zanche is a multilingual senior executive with over 16 years of experience of data, audience, monetisation strategies and products covering international roles in global companies (News Corp, Yahoo!, Telefonica, GfK, Hutchison 3G, Sizmek). He is currently consulting (among others, with: Financial Times Strategies, Dentsu Aegis Network, DPG Media Group) and writes on AdExchanger on a regular basis. 

We took this opportunity to discuss the pains of the open programmatic advertising market for publishers and the trade-offs involved in identity management or different models for people to pay for their content.

References:

• Alessandro De Zanche on LinkedIn
• Alessandro on AdExchanger
• Alessandro on Twitter and Medium

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Dr. Augustine Fou is a digital marketer of 25 years, currently working as an independent cybersecurity and ad fraud investigator. He was Chief Marketing Science Officer at the Advertising Research Foundation and Group Chief Digital Officer at Omnicom’s Healthcare Consultancy Group.

Dr. Fou taught digital marketing at NYU and Rutgers University and he got his PhD, at the age of 23, in Materials Science & Engineering from MIT.

References:

• Dr. Augustine Fou on Forbes
• Dr. Fou on Twitter

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

John Marshall is the author of Free Is Bad, as well as a serial entrepreneur and a patent holder in analytics tracking. His companies built advertising and analytics tools and delivered the first distance-learning training courses in digital marketing. 

He has recently turned his focus to the nature of web advertising and consumer behavior, becoming a firm believer that our current relationship with the web as a free service has led to untenable compromises in service, information, and truth. 

References:

• Free Is Bad: How The Free Web Hurt Privacy, Truth and Democracy...and what you can do about it
• Free Is Bad TLDR

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Stéphane Hamel is a seasoned independent digital marketing and analytics consultant, innovator, speaker and startup & agency advisor. He is also Digital Marketing Program Director for the Faculty of Business Administration at Laval University (Quebec City, Canada). He has recently embarked on a mission to protect user privacy and the ethical use of data.

References:

• Stéphane Hamel's personal website
• Christopher Wylie (Cambridge Analytica)
• Superweek
• European Data Protection Law and Practice (CIPP/E manual - Eduardo Ustaran, IAPP)

 

 

 

 

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Milton is the CEO of the Luxury Institute, as well as a private investor, a frequent guest speaker at Columbia University, and a well-known entrepreneur. Of particular relevance to us, Milton is an investor in DataLucent and Digi.me, the former of which has recently launched an Advanced Personalization Xchange (APX) together with the Luxury Institute.

References:

• Advanced Personalization Xchange
• MyData Business Models
• Prediction Machines, by Ajay Agrawal, Joshua Gans, Avi Goldfarb
• Richard Whitt on Medium
• DataSwift on YouTube

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Hoping to better understand a human-centric, demand-led future, we have spent a few months interviewing entrepreneurs and pioneers at the intersection of Marketing, Data, Privacy, and Technology. This channel is our attempt to expand on this effort and share our learnings along the way. 

Masters of Privacy is hosted and maintained by PrivacyCloud, a Spain and US-based company that helps people, marketers, and publishers take control of their data, their money, and their experiences.

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

What do we refer to with “privacy metrics”? Are privacy professionals delusional regarding the impact of the discipline in the overall business context?

Lauren Reid is founder of The Privacy Pro, a boutique firm that provides essential training, tools, and support for privacy professionals to turn knowledge into action. In addition to leading The Privacy Pro, Lauren works with executives, boards, and product teams to build privacy data governance strategies that support responsible innovation and prepare companies for investor and regulatory scrutiny. She has a 20-year track record in this space.

References:

• Lauren Reid on LinkedIn
• The Privacy Pro
• Lauren Reid: Rethinking Privacy Metrics: Aligning with Business Strategy

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Can telco-powered identifiers overcome their own privacy challenges in their attempt to replace third-party cookies or email-based alternatives?

Pascale is the Data Protection Officer at Utiq, a European based AdTech company. She has been working in privacy and data protection ever since completing her degree in Law, including roles at fashion group Arcadia and Vodafone Group. Pascale’s main goal is always to put privacy at the heart of the business.

Utiq’s mission is to enable more responsible digital marketing by offering a telco powered privacy-first technology to Brands, Publishers and Tech Vendors operating in the adtech ecosystem. The Utiq technology consists of online identifiers which can be used to support and optimize digital marketing, advertising and analytics activities, whilst offering individuals enhanced choice, control and transparency, including via the application of privacy-centric controls and a dedicated privacy portal for end users, known as consenthub.

Launched in 2023, Utiq was originally backed by Deutsche Telekom AG, Orange SA, Telefónica S.A., and Vodafone Group plc. It has continued to gain support from numerous other leading telecom operators across Germany, France, Spain, Austria and soon expanding to the UK and Italy.

References:

• Pascale Arguinarena on LinkedIn
• FCC fines Verizon $1.35 million over ‘supercookie’ tracking (The Verge, May 2016)
• Utiq’s consenthub

 

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Are Product Counsels in the best position to anticipate and solve privacy and AI compliance problems before we release new products to the public at large - all of it while avoiding costly delays in fast-moving projects?

Linsey Krolik is Assistant Clinical Professor at Santa Clara University School of Law, where she runs the Privacy Law Certificate and teaches Privacy Law. She is Director of the Entrepreneurs’ Law Clinic, where students work with real startups on transactional law projects, and Director of the TechEdge JD, a skills based certificate program for students interested in working in technology law. She also teaches a class called Law and Technology of Silicon Valley, with students playing the role of product or privacy counsel for a day. 

Prior to joining academia, Linsey held senior in-house roles as a product, privacy, and commercial lawyer at global companies including PayPal, ARM, and Palm. Also, she continues to consult on privacy and AI governance in her solo law practice.

References:

• Linsey Krolik on LinkedIn
• Santa Clara University School of Law
• TechEdge JD
• Entrepreneurs' Law Clinic
• Privacy Law Certificate
• Navigating AI and Data Ethics: The Essential Role of Product Lawyers and the Product Counsel Framework (Linsey Krolik, Adrienne Go, Olga Mack)
• Gam Dias: Agents Unleashed, understanding the Agentic AI stack (Masters of Privacy)

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Is it possible that a whole generation of consent-management solutions built for the EU-driven opt-in world are unsuitable for the opt-out scenario predominant in the US? How are DPOs and AI Governance professionals to deal with “shadow AI” and “shadow IT”? 

Daniel Barber is DataGrail’s CEO and co-founder. Prior to DataGrail Daniel led revenue teams at DocuSign, Datanyze (acquired by ZoomInfo), ToutApp (acquired by Marketo) and Responsys (acquired by Oracle). He also advises several high-growth startups.

References:

• Daniel Barber on LinkedIn
• Unveiling DataGrail’s 2024 Data Privacy Trends Report: The Time Data Subject Requests Surged 246% in Two Years
• DataGrail Privacy Inspector (Chrome Web Store)
• Max Anderson (Ketch): Privacy Tech spotlight I – the future of CMPs, value vs. hype in privacy compliance SaaS (Masters of Privacy, April 2025)

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Georgia Voudoulaki is Senior Legal Counsel at Bosch, certified Compliance Officer, and adjunct professor at the University of Applied Sciences in Ludwigsburg and the Cooperative State University of Baden-Württemberg in Germany. In addition to her legal and academic roles, Georgia regularly publishes articles in leading legal journals and magazines, contributing valuable insights to the evolving conversation around compliance, digital innovation, and responsible AI. 

References:

• Georgia Voudoulaki on LinkedIn
• University of Applied Sciences Ludwigsburg
• Baden-Wuerttemberg Cooperative State University (DHBW)

 

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Gam Dias is a seasoned technologist and entrepreneur with a rich background in software engineering, AI, and product innovation. As a consultant, he has helped write the data strategy for Fortune Global 500 companies, innovative startups, and ambitious non-profits. He has a degree in Computer Science from the University of Liverpool and an MBA from Warwick Business School. Gam has lived in London, Leeds, Salt Lake City, Santa Cruz, San Francisco, and he currently lives in and works from Madrid, Spain.

Gam’s latest work, Agents Unleashed, distills years of experience into a compelling look at the rise of autonomous AI agents and their growing role in marketing, sales, and beyond. 

References:

• Gam Dias on LinkedIn
• Agents Unleashed (Amazon)
• Agentforce (Salesforce)
• Gam Dias: on privacy, agency, convenience, and freedom (Masters of Privacy, 2021) 
• Hubbl Process Analytics
• Diana Stern and Dazza Greenwood, From Fine Print to Machine Code: How AI Agents are Rewriting the Rules of Engagement (Stanford Law School)

 

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

What is the practical case for combining CMPs and DSAR automation under a single technical solution or software provider? What do DPOs and CPOs struggle the most with when implementing effective privacy programs? Which Privacy Tech features are overvalued or undervalued?

Max Anderson is a seasoned product executive with a proven track record of bringing successful technology products to market in the consumer privacy, data management, and marketing space.

Prior to Ketch, Max was the Director of Product Management at Krux. After joining Salesforce as part of the Krux acquisition, he ran data privacy and consumer identity products at Salesforce, including the rollout of their industry-leading GDPR solution set. Prior to Krux, Max was a Product Manager at IPG Mediabrands, where he was responsible for multiple successful advertising measurement products. Max holds a BS in Chinese Literature from the University of Colorado.

References:

• Maxwell Anderson on LinkedIn
• Max Anderson, The liability in your privacy program: incomplete opt-out compliance (Ketch)
• GPC: Global Privacy Control
• Max Anderson, Dirty Data, Broken AI—The hidden threat derailing your competitive edge (Ketch)
• Andy Dale: DPO vs. CPO, present and future value of Privacy Tech, and the new US administration’s impact on the regulatory landscape (Masters of Privacy)
• Monica Meiterman-Rodriguez: automation, data minimization and comparative law in DSRs (Masters of Privacy)
• Sergio Maldonado, Some takeaways from PEPR’24 (USENIX Conference on Privacy Engineering Practice and Respect 2024)

 

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

We revisit the topics of individual agency, consumer perceptions of privacy, and self-sovereign identity through the lens of a “personal AI”.

Copenhagen-based Yngvi Karlson is the Co-founder of Kin, a personal AI built on privacy and trust. After two successful exits and a career in venture capital, he set out to answer a bigger question: can AI empower us without owning us? For him, Kin is more than technology. It’s a movement to put people back in control of their data, their conversations, and their future.

References:

* Download Kin

* Yngvi Karlson on LinkedIn

* My data, my rules? Not so fast. (Sergio Maldonado, 2021)

* Dan Stone: how to own our identity, protect personal data, and escape LinkedIn (Masters of Privacy)

* Jamie Smith: AI Agents, digital identity, wallets and personal data (Masters of Privacy)

* Adrian Doerk: digital identity, digital wallets and data protection (Masters of Privacy)

* Sille Sepp: MyData Global and the fight for Human Centricity (Masters of Privacy)

* An emotional attachment to GPT 4o results in OpenAI reversing course on GPT 5 (Wired)

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Today we are taking a look at the difference between DPO and CPO roles in the US, the present and future impact of Privacy Tech in the management of privacy programs, the evolution of privacy regulation under the new US administration, and a potential Schrems III scenario. 

Andy Dale serves as General Counsel and Chief Privacy Officer at OpenAP and holds the position of Executive Board Member at The L Suite (TechGC). With extensive experience as an advisor to various companies, Andy previously worked as General Counsel and Chief Privacy Officer at Alyce, a company acquired by Sendoso in 2024, and as General Counsel and VP of Global Data Privacy at SessionM, which was acquired by Mastercard in 2019. Andy Dale earned a JD in Law from the University of Baltimore School of Law (2003-2006) and a degree from Colgate University (1996-2000).

References: 

• Andy Dale on LinkedIn
• The Data Protection Breakfast Club podcast on Spotify
• Brian Focht: Can the American Privacy Rights Act find a path to survival? (Masters of Privacy)
• Amy Worley on the American Privacy Rights Act (Masters of Privacy)
• Molly Martinson on state-level comprehensive privacy laws (Masters of Privacy)

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Where is the UK data protection reform headed? How are we to deal with behavioural advertising in the context of sports betting and gambling? Will the UK stay clear of regulating or supervising AI à la EU? 

Tim Turner has worked on Data Protection, Freedom of Information (FOI) and Information Rights law since 2001. He started at the Information Commissioner’s Office as a Policy Manager on FOI issues. After that, he was a Data Protection & FOI Officer for two councils and then an Information Governance Manager for an NHS (National Health Service) organisation. He has been offering data protection training and consultancy since 2011. Also, Tim is the author of the very popular DPO Daily newsletter and LinkedIn feed. 

References:

• Tim Turner on LinkedIn
• 2040 Training
• The DPO Daily on LinkedIn
• ICO: Action taken against Sky Betting and Gaming for using cookies without consent
• UK betting giants under fire for ads targeting at-risk gamblers (The Guardian)
• UK Data Reform: What’s Proposed (Bird & Bird)
• Stephen Almond (ICO): data protection laws as a primary tool for AI governance (Masters of Privacy)

 

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Theodore Christakis is Professor of International and European Law at University Grenoble Alpes (France), Director of the Centre for International Security and European Law (CESICE), Director of Research for Europe with the Cross-Border Data Forum, Senior Fellow with the Future of Privacy Forum and a former Distinguished Visiting Fellow at the New York University Cybersecurity Centre. 

He is also Chair on the Legal and Regulatory Implications of Artificial Intelligence with the Multidisciplinary Institute on AI, and has been a member of the French National Digital Council, currently serving as a member of the French National Committee on Digital Ethics as well as a member of the International Data Transfers Experts Council of the UK Government. 

With Theodore we have gone through “the good”, “the bad”, and “the ugly” in the EDPB Opinion on LLMs and personal data. We have also examined the Deepseek affair, as well as the challenges posed by hallucinations in generative AI. 

References:

• Théodore Christakis’ SSRN Author Page
• Théodore Christakis on LinkedIn
• EDPB opinion 28/2024 on certain data protection aspects related to the processing of personal data in the context of AI models
• Discussion Paper: Large Language Models and Personal Data (Hamburgische Beauftragte für Datenschutz und Informationsfreiheit)
• Lokke Moerel: using personal data in the development and deployment of AI models (Masters of Privacy)
• Théodore Christakis, ‘European Digital Sovereignty’: Successfully Navigating Between the “Brussels Effect” and Europe’s Quest for Strategic Autonomy 
• Théodore Christakis, Cyber-Attacks – Prevention-Reactions: The Role of States and Private Actors
• Multidisciplinary Institute on AI
• Université Grenoble Alpes: Centre d'études sur la sécurité internationale et les coopérations européennes.

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

It is time for a seasonal update at the intersection of Marketing, Data, Privacy and Technology. As usual, this Newsroom is divided into five blocks: ePrivacy & regulatory updates; MarTech & AdTech; AI, Competition and Digital Markets; PETs and Zero-Party Data; and Future of Media.

TL;DL: The use of SDKs for data collection/sharing has been a common factor in various fines and lawsuits on both sides of the pond. The EDPB sparked an important debate on personal data-powered AI in the EU. Texas and California went after Allstate and Honda respectively. La Liga (ES), Netflix (NL), Meta (IR), and others received fines. The FTC put an end to personal data sales by General Motors. The My Health My Data Act (WA) was put to the test. AI “reasoning” models exploded, and then AI Agents followed. Garante (IT) blocked DeepSeek and a class action in Germany could have a major impact across the EU. Australia updated its legal framework. The biggest CDP players dissolved into adjacent markets and Google kept marching towards PET-powered AdTech.

All references and links can be found in this episode’s blog post.

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

Daniel Solove has just published a new book, On Privacy and Technology. We went through a few key concepts from it, and also had a chance to revisit other core ideas in the author’s work. 

Professor Solove is the Eugene L. and Barbara A. Bernard Professor of Intellectual Property and Technology Law at the George Washington University Law School. One of the world’s leading experts in privacy law, Solove is the author of more than 10 books and 100 articles about privacy. He has also written a children’s fiction book about privacy. He is one of the most cited law professors in the law and technology field. Professor Solove has been interviewed and quoted in hundreds of media articles and broadcasts and has been a consultant for many Fortune 500 companies and celebrities. It is to him that we owe the famous taxonomy of privacy harms, as well as very recent papers on Privacy and AI or Privacy and Data Scraping.

References:

• Daniel J. Solove on Bluesky
• Daniel J. Solove on LinkedIn
• Daniel J. Solove’s personal page
• On Privacy and Technology: Oxford University Press, Amazon. 
• The Great Scrape: The Clash Between Scraping and Privacy
• Artificial Intelligence and Privacy

 

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

What is the best way to address privacy risks in the context of connected cars? Is data minimization compatible with assisted driving? What is the meaning of “Core Vehicle Data”?

Mark Jaffe leads the Rivian ethics, compliance and privacy program. This includes ethical culture, compliance oversight, privacy, and investigations. 

Prior to joining Rivian, Mark was Senior Vice President for Privacy at Teleperformance, a global business process outsourcer with over 400,000 employees operating in over 80 countries, spending almost two years in Singapore managing privacy issues in the Asia Pacific region. He has also dealt with data protection compliance in Europe, Middle East, and Africa.  Prior to that, Mark spent 17 years at AT&T in global privacy roles as well as global compliance and ethics roles.

Our guest is a frequent speaker on a variety of topics related to privacy compliance and data ethics. Mark earned his B.A., cum laude, from Duke University and his J.D., cum laude, from Northwestern University. 

References:

• Mark Jaffe on LinkedIn
• Rivian’s Privacy Hub
• FTC bans General Motors from selling driving data without permission, adding to case for CarPlay 2 (9to5Mac, January 2025)
• 800,000 EV drivers’ data exposed in Volkswagen breach (The Register, January 2025)
• Privacy Not Included, a Mozilla Report about connected cars and privacy (“It’s Official: Cars Are the Worst Product Category We Have Ever Reviewed for Privacy”, September 2023)
• Investigation by Netherlands' DPA prompts changes to Tesla security cameras (IAPP, 2023)
• Tesla workers shared sensitive images recorded by customer cars (Reuters, 2022)
• Privacy4Cars

 

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

An update was due at the intersection of MarTech/AdTech and the My Health My Data Act, with a Washington Consumer Protection Act case against Costco paving the way for the recent class action lawsuit involving the Amazon Ads SDK. Also, the date is approaching for compliance with restrictions on international transfers of US personal data.

Mike Hintze is a well-known leader in the field with more than 20 years of experience in privacy and data protection. He has been a partner at Hintze Law since 2016 and prior to that was Chief Privacy Counsel at Microsoft for 18 years. He also teaches privacy law at the University of Washington school of law and has served on multiple advisory boards. He has also testified before Congress, state legislatures or European regulators. 

References:

• Mike Hintze on LinkedIn
• The Washington My Health My Data Act - Parts 1 to 10 (Hintze Law)
• New U.S. Regulations Impose Significant Restrictions on Cross-Border Data Flows
• AI governance, MHMD, and third-party risks at PSR 2024 (Masters of Privacy)
• Written summary: P.S.R. Los Angeles 2024: Vendor Audits; My Health, My Data
• Amazon Sued in First 'My Health, My Data' Privacy Dispute.

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

As of today, February 16th, Google’s platform policies allow the collection, sharing and usage of IP addresses and other signals across websites, apps, gaming consoles or Connected TV. This has been perceived as a direct contradiction of the company’s long-term anti-fingerprinting policy. The company is expecting that a growing reliance on Privacy Enhancing Technologies will do away with the resulting privacy risks. 

Daniel B. Rosenzweig is the Founder & Principal Attorney at DBR Data Privacy Solutions. He advises clients on legal and technical compliance with data privacy and AI laws, and counsels companies on industry mobile app store requirements, AdTech, and privacy-enhancing technologies (PETs).

Daniel’s legal practice is unique in that he develops and codes technical solutions to help serve as a bridge between legal, marketing, and technical teams, in addition to providing clients the usual legal services.

References:

• Daniel B. Rosenzweig on LinkedIn
• DBR Data Privacy Solutions
• Google: Overview of the Platforms programs policies update (February 2025)
• ICO: Our response to Google’s policy change on fingerprinting
• AdExchanger: Does Google’s U-Turn On Fingerprinting ‘Open New Opportunities’ Or Is It ‘Irresponsible’?
• Peter Craddock: ePrivacy exceptions, advertising, analytics, the limits of consent and server-side processing (Masters of Privacy)
• Sergio Maldonado on PETs and AdTech: Some takeaways from PEPR’24 (USENIX Conference on Privacy Engineering Practice and Respect 2024) 

 

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe

This was a really eventful week for AI regulation, with the first rules of the AI Act starting to apply on Sunday, February 2nd and the EU Commission releasing Guidelines on Tuesday (prohibited practices) and Thursday (scope of AI systems). To cap it all, a first-ever class action under the new framework (alongside the GDPR and the Digital Services Act) was filed on Wednesday against X-Twitter and TikTok. 

The following conversation with Markus Wünschelbaum, with a particular focus on digital advertising and AdTech, preceded and rightly anticipated these developments. 

Dr. Markus Wünschelbaum currently serves as Policy and Data Strategy Advisor to Hamburg’s Data Protection Commissioner Thomas Fuchs. In this role, he advises on key data protection & AI policies and strategic initiatives. Previously, he was responsible for imposing fines, fundamental GDPR issues, and freedom of information. He began his career focusing on the intersection of labor law and data protection, having published an acclaimed doctoral thesis on this topic and working at an international law firm.

References:

• Dr. Markus Wünschelbaum on LinkedIn
• Hamburg’s Data Protection Commissioner (Der Hamburgische Beauftragte für Datenschutz und Informationsfreiheit)
• Guidelines on prohibited artificial intelligence (AI) practices, as defined by the AI Act (EU Commission)
• Guidelines on AI system definition to facilitate the first AI Act’s rules application (EU Commission)
• Class Actions Filed Against TikTok and X in Germany: A Test for the DSA, GDPR, and AI Act (Spirit Legal - Peter Hense)
• Peter Hense (Spirit Legal) on Masters of Privacy
• Luca Bertuzzi (Euractiv)

This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit www.mastersofprivacy.com/subscribe