In October 2024, the Data Use & Access Bill (DUAB) was introduced to Parliament, proposing changes to data protection rules in the UK.

But what is the impact of the Bill, and what will it mean for you – the practitioners responsible for compliance in day-to-day business?

Join us for a practitioner-focused discussion with Data Protection Officer Dom Newton from The DPO Centre, where we’ll cut through the legal jargon and explore the real-world impact of the Bill on data protection professionals.

Key topics we’ll cover:

• What’s changing? A breakdown of the Bill’s impact
• DPIAs, ROPAs & AI: Will your responsibilities increase?
• What’s next? The latest developments and what to expect in 2025.
• The DPO perspective: What your peers are saying about these changes.

Dom Newton is a CIPP/E and CIPM accredited Data Protection Officer (DPO) with over a decade’s experience in the field. He has worked across the Finance, Information Technology, Education, and Charity sectors, helping organisations understand privacy risks and aligning data protection practices with business needs.

Your host: Jacob Høedt Larsen, follow me on Linkedin for more news and views on compliance and privacy: https://www.linkedin.com/in/jacobhoedtlarsen/

Sustainable Compliance is brought to you by Wired Relations - read more about it here: https://www.wiredrelations.com

Wired Relations is a GRC solution - tailored for privacy and information security.

We help organisations turn fragile privacy and information security into sustainable GRC programmes.

We focus on four things:

• Ease-of-use: You don’t need consultants to implement Wired Relations and you don’t need training to use it.
• Collaboration: Privacy and infosec is a team sport. We make it easy to collaborate.
• Overview: Privacy and infosec is complicated enough as it is. Wired Relations makes it easier to get an overview - not harder.
• Organising for GRC: The trick is to organise your processes and workflows so that you can sustain your programme.

Guest: Yagmur Sahin, Information Governance and Data Protection Manager at Data Privacy Simplified
Host: Jacob H. Larsen, Wired Relations

In this episode, Jacob H. Larsen sits down with Yagmur Sahin, a qualified lawyer with dual master’s degrees in law and cybersecurity, to discuss her unique career journey into data protection. Yagmur shares insights on fusing law and tech, the growing importance of data protection, and the skills required to thrive in this dynamic field.

Key Topics Discussed

• Yagmur’s Career Path: From criminal and employment law to cybersecurity and data protection
• The Turning Point: How her distaste for mass surveillance and digital profiling led her to pivot her career
• Legal vs. Technical Approach: The benefits of having both legal and technical expertise in data protection
• Diverse Backgrounds in Data Protection: Why professionals from various fields can thrive in this industry
• Essential Skills for Data Protection Professionals:
  • Analytical thinking
  • Strong communication skills
  • Adaptability and resilience
  • Research skills and continuous learning mindset
• The Importance of Data Protection:
  • Safeguarding personal rights and freedoms
  • Building trust in businesses and compliance culture
  • Addressing challenges posed by AI, quantum computing, and data profiling

Key Takeaways

• Data protection is not just about compliance; it’s about trust, autonomy, and safeguarding people’s rights.
• Professionals from various backgrounds, legal, technical, marketing, psychology can succeed in this space.
• Organisations must embed data protection into their culture to maintain trust and meet regulatory standards.
• Passion, curiosity, and a problem-solving mindset are more important than a specific degree when entering this field.

Resources & Links

• Connect with Yagmur Sahin on LinkedIn: https://www.linkedin.com/in/data-privacy-yagmursahin/

Your host: Jacob Høedt Larsen, follow me on Linkedin for more news and views on compliance and privacy: https://www.linkedin.com/in/jacobhoedtlarsen/

Sustainable Compliance is brought to you by Wired Relations - read more about it here: https://www.wiredrelations.com

Wired Relations is a GRC solution - tailored for privacy and information security.

We help organisations turn fragile privacy and information security into sustainable GRC programmes.

We focus on four things:

• Ease-of-use: You don’t need consultants to implement Wired Relations and you don’t need training to use it.
• Collaboration: Privacy and infosec is a team sport. We make it easy to collaborate.
• Overview: Privacy and infosec is complicated enough as it is. Wired Relations makes it easier to get an overview - not harder.
• Organising for GRC: The trick is to organise your processes and workflows so that you can sustain your programme.

In this podcast you get a 7-step cheat sheet to securing buy-in for your data protection programme.

Get the presentation here: https://3963040.fs1.hubspotusercontent-na1.net/hubfs/3963040/Presentations/20240425_masterclass_DPIA%20securing%20buy-in.pptx.pdf

The steps are:

🎯 What do you really want?

🌍 What do they think about this right now?

🎤 What will they lose by not doing what you think?

🗞 Where can you reach them?

👯 Who will support you?

🧠 Speak to the mind … and the gut

📅 Get organised

Your host: Jacob Høedt Larsen, follow me on Linkedin for more news and views on compliance and privacy: https://www.linkedin.com/in/jacobhoedtlarsen/

Sustainable Compliance is brought to you by Wired Relations - read more about it here: https://www.wiredrelations.com

Wired Relations is a GRC solution - tailored for privacy and information security.

We help organisations turn fragile privacy and information security into sustainable GRC programmes.

We focus on four things:

• Ease-of-use: You don’t need consultants to implement Wired Relations and you don’t need training to use it.
• Collaboration: Privacy and infosec is a team sport. We make it easy to collaborate.
• Overview: Privacy and infosec is complicated enough as it is. Wired Relations makes it easier to get an overview - not harder.
• Organising for GRC: The trick is to organise your processes and workflows so that you can sustain your programme.

The DPIA process is important. In this podcast we look at it from the organisational perspective. How do you make it work - not legally or technically - but organisationally.

You find the presentation here: https://3963040.fs1.hubspotusercontent-na1.net/hubfs/3963040/Presentations/20240405_masterclass_DPIA.pptx.pdf

It:

• Supports good decision-making,
• Good governance
• Compliance
• Often no DPIA is required – documents the non-action
• It is also good practice to do a DPIA for any other major project which requires the processing of personal data. (ICO)

However, data protection often doesn't now when a new system is coming on board. 

It is a cultural issue and we have to do many things to chance it:

• Training and awareness
  • Don’t forget VIP’s
• Let’s put it in a policy (and get it out there)
• Hybrid organisation and ambassadors
• We have a process (or more)
• We have buy-in
• Ask…

That is what you'll learn about in this podcast.

Your host: Jacob Høedt Larsen, follow me on Linkedin for more news and views on compliance and privacy: https://www.linkedin.com/in/jacobhoedtlarsen/

Sustainable Compliance is brought to you by Wired Relations - read more about it here: https://www.wiredrelations.com

Wired Relations is a GRC solution - tailored for privacy and information security.

We help organisations turn fragile privacy and information security into sustainable GRC programmes.

We focus on four things:

• Ease-of-use: You don’t need consultants to implement Wired Relations and you don’t need training to use it.
• Collaboration: Privacy and infosec is a team sport. We make it easy to collaborate.
• Overview: Privacy and infosec is complicated enough as it is. Wired Relations makes it easier to get an overview - not harder.
• Organising for GRC: The trick is to organise your processes and workflows so that you can sustain your programme.

Shifting Privacy Left is a conscious effort to embed privacy practices earlier in the development life cycle to prevent privacy harms and data breaches from forming, Privacy Tech Advisor Debra Farber says.

In this interview Debra Farber and I discuss what Shifting Privacy Left does, how it helps organisation, what competencies are needed and how it is implemented.

My take-aways from the interview:

• Privacy requirements should be table stakes and functional product requirements, not something that comes from legal or the privacy team.
• Privacy by Design is the strategy, Shifting left is the implementation.
• It's a cultural shift which requires upskilling. Today, most developers, don't think privacy is their responsibility. Therefore, they should learn about privacy and data protection.
• Shifting Privacy Left can solve problems, lessening the compliance burden down the line. 

You host: Jacob Høedt Larsen, follow me on Linkedin for more news and views on compliance and privacy: https://www.linkedin.com/in/jacobhoedtlarsen/

Debra J. Farber is a globally-recognized Privacy, Security and Ethical Tech Advisor and Principal and Host of The Shifting Privacy Left Podcast.

The Shifting Privacy Left Podcast: https://shiftingprivacyleft.com/audio/8323

Sustainable Compliance is brought to you by Wired Relations - read more about here: https://www.wiredrelations.com

Making a Data Protection Impact Assessment (DPIA) on Google Workspace for schools is a huge undertaking. In Norway they've decided to collaborate on it.

Today, Jacob Høedt Larsen, talk to project manager, Ida Thorsrud, about the project and learnings from it.

Some take-aways:

• It has been possible to co-operate with Google in the proces, something that Ida has never experienced before
• Parents, teachers and pupils are involved and give the project team a much better view of risks to the "data subject"
• Project participants learn a lot from the process that can be put to use in their everyday job
• Responsibility lies with the municipalities. Therefore, the project aims at making it 80 % ready.

You can follow the project by subscribing to their English newsletter:
https://nyhetsbrev.ks.no/p/s/MTk4ODA6ZmUyZjg3ZTQtYWZmYS00NGZjLWE2MzItYmNkNjFlNmEyOTBm

Follow your host, Jacob Høedt Larsen, on Linkedin for more news and views on Sustainable Compliance: https://www.linkedin.com/in/jacobhoedtlarsen/

Sustainable Compliance is brought to you by Wired Relations - read more about us here. 

From tick-the-box compliance to balanced decision-making
In this episode we'll go deeper into the second trend of Sustainable Compliance and look at why things are changing from a mindset of "tick-the-box compliance" to a "balanced decision-making". We'll also share learnings on how to get there.

Why tick-the-box compliance is not a great idea.

• 💵 Calculating 4 % of global revenue for fines does not make sense anymore.
  • To most companies discovery risk is low, and the level of fines have never reached that level.
• 👮🏻‍♀️Management buy-in should not be based on fear of fines.
  • It should be based on how the privacy program positively benefits the organisation.
• 📚 Legal requirements are important.
  • So are the demands and wishes of our customers, colleagues, local community and other stake holders.
  • We should broaden the scope of our privacy compliance.
• 💻 Spread sheets are great for many things (I'm told).
  • They proved less optimal for privacy compliance because keeping them up-to-date became a hassle. Many have not been updated since 2018.
• ✅ Tick-the-box compliance is dying. And we shouldn’t lament that.
  • Instead, let’s replace it with making balanced decisions on data compliance taking the law, value creation and public expectations into account.
• 😇 Feeling good about your job is important.
  • However, only feeling good when you ARE compliant will make you feel miserable most of the time.
  • Let’s feel great about the process of compliance.
• 🧑🏼‍💻 And finally. Data compliance is real work and provides benefits to the organisation.

Follow your host, Jacob Høedt Larsen, on Linkedin: https://www.linkedin.com/in/jacobhoedtlarsen/

Read more about the cooperation problem, Officers and Operators on our blog: LINK

Sustainable Compliance Live is a weekly show and you’re invited. Subscribe to our newsletter and get the agenda every week: https://www.wiredrelations.com/datasustainability#data-sustain-form

The five trends of Sustainable Compliance are:

Trend # 1 From centralized authority to company-wide collaboration

Trend # 2 From tick-the-box compliance to balanced decision-making

Trend # 3 From problem-oriented to solution-oriented

Trend # 4 From legal thinking to strategic involvement

Trend # 5 From managing data subject to caring about people

Lack of collaboration with your organisation is detrimental to your privacy and infosec programme.

If you’re unable to create a climate of collaboration within your organisation, you will be less effective as a compliance pro AND data protection and information security will suffer.

The solution: Officers and Operators.

This is what we discuss in this episode of Sustainable Compliance Live, a weekly online show from Wired Relation where we discuss sustainable compliance.

Follow your host, Jacob Høedt Larsen, on Linkedin: https://www.linkedin.com/in/jacobhoedtlarsen/

Read more about the cooperation problem, Officers and Operators on our blog: LINK

Sustainable Compliance Live is a weekly show and you’re invited. Subscribe to our newsletter and get the agenda every week: https://www.wiredrelations.com/datasustainability#data-sustain-form

The five trends of Sustainable Compliance are:

Trend # 1 From centralized authority to company-wide collaboration

Trend # 2 From tick-the-box compliance to balanced decision-making

Trend # 3 From problem-oriented to solution-oriented

Trend # 4 From legal thinking to strategic involvement

Trend # 5 From managing data subject to caring about people

In this live episode of Sustainable Compliance we take a look back on how the compliance landscape has changed over the years and gather the trends that we see in this space now.

Jacob Hoedt Larsen starts by taking us back to the days when he worked in a candy factory that was implementing some of the first IT systems through the times of mass adoption of systems to now. We will see how the role of the compliance function has changed over time to become involved in much more that just the legal aspect.

• Trend # 1 From centralized authority to company-wide collaboration
• Trend # 2 From tick-the-box compliance to balanced decision-making
• Trend # 3 From problem-oriented to solution-oriented
• Trend # 4 From legal thinking to strategic involvement
• Trend # 5 From managing data subject to caring about people

For more information about Sustainable Compliance, visit our website 

Follow Jacob Hoedt Larsen on LinkedIN

DPIA spells collaboration

In this episode, they dive into the topic of Data Protection Impact Assessments (DPIAs) and the importance of collaboration in ensuring privacy-friendly practices.

In this podcast you will learn about:

• The consequences of being in a siloed compliance function
• Why you as a privacy professional should ensure company wide collaboration
• How you go from working in a silo to company wide collaboration
• You will learn about how to use frameworks and stakeholder management as tools to collaborate in a better way.

Jakob tells the story of Jennifer, who finds herself in a challenging situation involving a project and the need for a DPIA. The host, Benjamin, and Privacy evangelist, Jacob, discuss the misconceptions surrounding DPIAs and the typical scenarios that lead to their implementation.

The podcast delves into the consequences of asking compliance professionals to justify decisions that have already been made, rather than focusing on privacy-friendly practices from the start. They explore the concept of siloed compliance functions and how it affects organizations' overall data protection efforts.

To address these issues, Benjamin and Jakob propose a shift towards company-wide collaboration, emphasizing the importance of involving privacy professionals early in the project lifecycle. They discuss the ideal meeting scenarios and ways privacy professionals can contribute to the process.

Your hosts: Benjamin Pomerleau (https://www.linkedin.com/in/benjamin-pomerleau/) is a product marketeer at Wired Relations. Jacob Høedt Larsen (https://www.linkedin.com/in/jacobhoedtlarsen/) is a privacy evangelist at Wired Relations. As well as hosting this podcast, he discusses and shares on privacy compliance on Linkedin daily.

Wired Relations is a privacy tool for GDPR and InfoSec Management. It helps you automate and collaborate on your privacy workflow to get trustworthy faster.

www.wiredrelations.com/datasustainability

Privacy and marketing are like oil and water. But, it doesn't have to be that way.

In this talk with founder of Raze, Siobhan Solberg, we dive into, how we improve this relationship. Siobhan is an expert on both marketing and privacy and has worked on several projects involving both.

We talk about:

1️⃣ How privacy can help grow companies
2️⃣ How marketing and privacy can work together
3️⃣ What gets in the way of such collaboration and
4️⃣ What can be done to improve it.

My (Jacob Høedt Larsen) biggest take-aways from this talk:

✅ Marketing can help privacy communicate the things we do to build trust
✅ Many marketing people felt that privacy pulled the rug from under them.
✅ We need to understand, that we all serve the same user - that's really a common goal between privacy and marketing.

Share your take-aways with Jacob Høedt Larsen on Linkedin: https://www.linkedin.com/in/jacobhoedtlarsen/

Siobhan Solberg (https://www.linkedin.com/in/siobhans/) is the founder Raze. You should subscribe to her newsletter: https://siobhansolberg.com/newsletter

Your host: Jacob Høedt Larsen (https://www.linkedin.com/in/jacobhoedtlarsen/) is a privacy evangelist at Wired Relations. As well as hosting this podcast, he discusses and shares on privacy compliance on Linkedin daily.

Wired Relations is a privacy tool for GDPR and InfoSec Management. It helps you automate and collaborate on your privacy workflow to get trustworthy faster.

www.wiredrelations.com/datasustainability

Jacob has been interviewed by Jamal Ahmed for his podcast: Privacy Pros podcast. We're reposting it here, and you should follow the podcast feed from Jamal as well https://privacypros.captivate.fm/

This is the original description of the podcast.

Turbocharge Your Mental Skills & Transform Your Career with a Privacy Powerhouse

Get ready for an electrifying and transformative podcast experience!

Our guest is a Privacy Pro with a powerful, dynamic approach to storytelling and coaching. He's worked with athletes and SWAT leaders, honing their mental skills to maximise performance and success.

Hi, my name is Jamal Ahmed and I'd like to invite you to listen to this special episode of the #1 ranked Data Privacy podcast.

In this gripping episode, you'll discover:

• The art of strategic storytelling and how to use it to drive transformation
• How to talk about privacy in a way that sparks motivation and enthusiasm
• How to master rapport-building to forge powerful connections

Plus: the visualisation technique athletes use for high-performance and success!

Episode Summary:
In this episode of Sustainable Compliance, host Jacob H. Larsen talks with Susanne Bitter, a seasoned information security and data protection expert with over 15 years of experience. Susanne shares her insights on the transformative role of AI in cybersecurity, the challenges of governance and supply chain risks, and why getting the basics right is still critical. 

Key Topics Discussed:

• AI's Role in Cybersecurity: The benefits and risks of AI, from increased productivity to challenges like data breaches and misinformation.
• Governance in AI: The importance of context, governance, and understanding AI’s underlying processes to reduce risks.
• Supply Chain Risks: How organisations can choose the right partners and manage complex digital supply chains effectively.
• The Human Factor in Security: Why simplifying security measures for end users is key to improving overall organisational defenses.
• Ethics and Privacy: The growing importance of privacy and data protection in an interconnected world, and how individuals and organisations can protect sensitive data.
• Susanne’s Journey: How Susanna’s passion for computers and logic led her to a fulfilling career in cybersecurity and information security.

Quotable Moments:

• “AI governance isn’t just about technology; it’s about understanding how and why decisions are made in the context of your organisation.”
• “Let’s not forget the basics—strong passwords, good governance, and effective collaboration are still at the heart of information security.”
• “We’ve learned how to use technology, but using it safely? That’s an ongoing challenge.”

About Our Guest:
Susanne Bitter is the Head of Regional Strategic Alliances at the Cybersecurity Forum Initiative and a passionate advocate for AI governance, supply chain security, and data protection. With a strong belief in collaboration and education, Susanna is committed to making complex cybersecurity topics accessible and actionable for organisations and individuals alike.

Resources Mentioned:

• Susanna Bitter’s LinkedIn Profile: https://www.linkedin.com/in/susanne-zuzana-bitter/

Your host: Jacob Høedt Larsen, follow me on Linkedin for more news and views on compliance and privacy: https://www.linkedin.com/in/jacobhoedtlarsen/

Sustainable Compliance is brought to you by Wired Relations - read more about it here: https://www.wiredrelations.com

Wired Relations is a GRC solution - tailored for privacy and information security.

We help organisations turn fragile privacy and information security into sustainable GRC programmes.

We focus on four things:

• Ease-of-use: You don’t need consultants to implement Wired Relations and you don’t need training to use it.
• Collaboration: Privacy and infosec is a team sport. We make it easy to collaborate.
• Overview: Privacy and infosec is complicated enough as it is. Wired Relations makes it easier to get an overview - not harder.
  • Organising for GRC: The trick is to organise your processes and workflows so that you can sustain your programme.

"If you just have that legal focus, you may be perceived as the necessary evil, rather than being a partner," says Tim Clements in this podcast.

Tim and Jacob talks about:

1️⃣ The 3 top issues in data protection programs
2️⃣ Which competencies are needed in privacy pros in the future and
3️⃣ How to train for it

Jacob's take-aways from this interview:

✅ In many companies data protection is seen as a purely legal issue. That's a problem.
✅ Data protection is a team sport (and lawyers are the goal keepers - you don't want 11 of those in your football team).
✅ Your job as a privacy pro is making complex concepts easy to make it a great experience for your colleagues, management and customers.
✅ Look to other sectors for inspiration. The advertising industry is great at getting attention.
✅ The best course Tim ever took on privacy... was business analysis.
✅ Training employees should be empowering. They should take responsibility and even create their own materials.
✅ You should have a data protection strategy and it should be aligned with business strategy.

Share your take-aways with Jacob Høedt Larsen on Linkedin: https://www.linkedin.com/in/jacobhoedtlarsen/

Tim Clements (https://www.linkedin.com/in/tim-clements-copenhagen/) is the founder of Purpose and Means (https://www.purposeandmeans.io/), the home of purpose-driven data protection strategies.

Your host: Jacob Høedt Larsen (https://www.linkedin.com/in/jacobhoedtlarsen/) is a privacy evangelist at Wired Relations. As well as hosting this podcast, he discusses and shares on privacy compliance on Linkedin daily.

Wired Relations is a privacy tool for GDPR and InfoSec Management. It helps you automate and collaborate on your privacy workflow to get trustworthy faster.

www.wiredrelations.com/datasustainability

Are you looking to break in to privacy?

Or take your privacy career to the next level?

Don't miss this privacy career advice from Michael Jared Coseglia of TRU Staffing Partners. He has placed over 5,000 privacy pros in jobs over the years.

We talk about important skills for privacy professionals and Jared reveals THE most important one.

Jacob Hoedt Larsen's take-aways from the conversation (listen and share your own take-aways):

1. Privacy is an open industry. It is possible to transition from other career paths to privacy.
2. It's a fast-paced business. What employees are looking for changes often, so stay flexible and up-to-date.
3. Regulatory compliance pays less than broader based privacy compliance.
4. Hiring companies look for mid-market professionals, that is middle-managers with 5-7 years of experience.
5. People skills is THE superpower of privacy professionals.

Jared Michael Coseglia is the founder and CEO of TRU Staffing Partners, which represents talent in privacy, cybersecurity and e-discovery.

TRU Staffing Partners: https://www.trustaffingpartners.com/
TRUE Staffing Partners Knowledge Center: https://www.trustaffingpartners.com/knowledge-center

Host: Jacob H. Larsen, Privacy Evangelist at Wired Relations, host of Sustainable Compliance.
Follow him on Linkedin: https://www.linkedin.com/in/jacobhoedtlarsen/

Wired Relations is a privacy tool for GDPR and InfoSec Management. It helps you automate and collaborate on your privacy workflow to get trustworthy faster.

We want to rethink compliance - join us: https://www.wiredrelations.com/datasustainability

Create a free account and test the privacy compliance system: https://www.wiredrelations.com/start/create-account

Most compliance professionals feel overwhelmed by the constant stream of information about their area. New legal developments, new technical stuff to look into and on top of that internal things like new systems and ways of working.

Information overload can hamper a privacy program.

In this episode Jacob H. Larsen speaks to Rie Walle about getting a system to stay up-to-date.

Take aways on making a system for staying current:

1. Find your trusted sources. Be critical.
2. Use the wisdom of the crowd.
3. Opt-out. Be clear about what you do NOT need to know.
4. Put it in a system. Jacob uses a simple Database in Notion, Rie utilizes Excel
5. Focus on the basics
6. THEN specialize
8. Make use of the privacy and compliance network - it's a friendly one
9. Put "studying" in your calendar at least once a week

Host: Jacob H. Larsen
Follow him on Linkedin for news, views, how-tos and tools about compliance, privacy and information security: https://www.linkedin.com/in/jacobhoedtlarsen/
By: Wired Relations - www.wiredrelations.com

Rie Walle is a Grumpy GDPR podcast host, Speaker & Lecturer  as well as an External/Fractional DPO
Linkedin: https://www.linkedin.com/in/riealeksandra/

No Ties Consulting: https://www.noties.consulting/

Grumpy GDPR podcast: https://www.noties.consulting/grumpygdpr/

Data compliance is broken. 

- Increasing regulations, 
- high public expectations, 
- and real business needs 

have made the data layer exceedingly complex. 

It’s not balanced with its surroundings anymore. 

We have to rethink the function and organisation of compliance — and in this podcast we invite you to join that conversation - www.wiredrelations.com/datasustainability

Sustainable Compliance will bring you interviews, tools of the trade and Live debates on rethinking data compliance.

In this episode, Jacob Høedt Larsen, talks to Claire Archibald about:

Claire's Background: Claire Archibald, a legal director at Browne Jacobson, specializes in data protection and information governance in education, with a strong passion for children’s and staff privacy in schools.

Path into Data Protection: Claire’s career began in regulatory law, notably environmental law, which had parallels with data protection, especially regarding compliance and regulatory pressures. Her diverse experiences, including mediation and working in education, naturally led her into data protection.

Challenges in Data Protection for Education: Claire highlights that many schools in the UK lack proactive privacy programs, often reacting to data breaches without thorough root-cause analysis or strategic planning.

Safeguarding and Privacy: She stresses that privacy and safeguarding are not mutually exclusive; instead, strong data protection measures can support safeguarding efforts within schools.

Role of DPIAs: Claire is a strong advocate for Data Protection Impact Assessments (DPIAs) as a valuable tool for schools to understand the "why" behind their data processing activities, which helps mitigate risks and improve decision-making around digital tools.

Vendor Influence and Digital Strategy: Schools often rely on EdTech vendors' sales pitches without sufficient critical analysis. This has led to a lack of strategic oversight, with schools frequently adopting new technologies without clear justifications or understanding of their impacts.

Operational and Strategic Gaps: Schools often struggle with operational confidence in data protection, and trustees, who may lack time or resources, aren’t fully aware of strategic risks, resulting in a reactive rather than proactive approach to data protection.

Personal Stories and the Importance of Privacy: Claire shares experiences showing the real-life impact of privacy issues, particularly on vulnerable groups like children and individuals with specific needs, emphasizing the nuanced harms that can arise from data misuse.

Future Concerns in Data Protection: Claire is concerned about the accumulation of unnecessary data (“haystacks”), as this approach complicates data management, increases potential harm, and has environmental costs.

Children’s Technology Use and Privacy: She highlights society’s cognitive dissonance around children’s use of technology—on one hand, technology is encouraged for educational use, while on the other, it poses risks to children's mental health and data privacy through tracking and recommender systems.

Follow Claire on LinkedIN: https://www.linkedin.com/in/claire-archibald-dpo/

Your host: Jacob Høedt Larsen, follow me on Linkedin for more news and views on compliance and privacy: https://www.linkedin.com/in/jacobhoedtlarsen/

Sustainable Compliance is brought to you by Wired Relations - read more about it here: https://www.wiredrelations.com

Wired Relations is a GRC solution - tailored for privacy and information security.

We help organisations turn fragile privacy and information security into sustainable GRC programmes.

We focus on four things:

• Ease-of-use: You don’t need consultants to implement Wired Relations and you don’t need training to use it.
• Collaboration: Privacy and infosec is a team sport. We make it easy to collaborate.
• Overview: Privacy and infosec is complicated enough as it is. Wired Relations makes it easier to get an overview - not harder.
• Organising for GRC: The trick is to organise your processes and workflows so that you can sustain your programme.

“Will we live in a world where tracking is the norm, or are we going to fix this global issue?”

Arthur Edelstein is concerned for the future of the web and people's privacy online. 

He is a senior research and privacy engineer at Brave browser and founder of the project privacytests.org, where he runs objective privacy tests on major web browsers.

Here he is focused on uncovering the hidden privacy risks, and his work tests how browsers handle issues like fingerprinting and cookies – results that are shared publicly. 

We talk about his most important findings. We also talk about:

1. Why he chose privacy as a career
2. Why it is important
3. What he is interested in right now and
4. What he is most worried about when it comes to the future of digital privacy.

Reach out to Arthur Edelstein on Linkedin and check out his project privacytests.org 

In today’s episode, we dive deep into the world of privacy red teams—where the goal isn’t just to protect data, but to break it first. Join us as we explore how this adversarial approach helps businesses identify and fix vulnerabilities before they become threats.

Your host Jacob Høedt Larsen speaks to red team expert, Rebecca Balebako.

Rebecca is a Privacy Engineer, who has worked with RAND corporation and Google.  She now runs her own business, Balebako Privacy Engineer in Switzerland.

Find her on: https://www.privacyengineer.ch/

In this episode we talk about he e-book on adversarial privacy testing. Get your free copy here: https://www.privacyengineer.ch/blog/

We also talk about:

1. Why he chose data protection as a career
2. Why it is important
3. What he is interested about right new and
4. What he is most worried about when it comes to the future of data protection

Your host: Jacob Høedt Larsen, follow me on Linkedin for more news and views on compliance and privacy: https://www.linkedin.com/in/jacobhoedtlarsen/

Sustainable Compliance is brought to you by Wired Relations - read more about it here: https://www.wiredrelations.com

Wired Relations is a GRC solution - tailored for privacy and information security.

We help organisations turn fragile privacy and information security into sustainable GRC programmes.

We focus on four things:

• Ease-of-use: You don’t need consultants to implement Wired Relations and you don’t need training to use it.
• Collaboration: Privacy and infosec is a team sport. We make it easy to collaborate.
• Overview: Privacy and infosec is complicated enough as it is. Wired Relations makes it easier to get an overview - not harder.
• Organising for GRC: The trick is to organise your processes and workflows so that you can sustain your programme.

"Hang on, let's look at what their day to day job is, what their business processes are, and optimize those processes so they become inherently compliant," Jonathan Craven says about his perspective on creating great data protection and information security.

Jonathan Craven was previously Global Privacy Operations Lead at iRythm Technologies, now a self employed consultant. He came to data protection from a background and career in psychology and we talk about how that has informed his view on how to create a culture of data protection.

We also talk about:

1. Why he chose data protection as a career
2. Why it is important
3. What he is interested about right new and
4. What he is most worried about when it comes to the future of data protection?

Reach out to Jonathan Craven on https://www.linkedin.com/in/jonathanbcraven/

Your host: Jacob Høedt Larsen, follow me on Linkedin for more news and views on compliance and privacy: https://www.linkedin.com/in/jacobhoedtlarsen/

Sustainable Compliance is brought to you by Wired Relations - read more about it here: https://www.wiredrelations.com

Wired Relations is a GRC solution - tailored for privacy and information security.

We help organisations turn fragile privacy and information security into sustainable GRC programmes.

We focus on four things:

• Ease-of-use: You don’t need consultants to implement Wired Relations and you don’t need training to use it.
• Collaboration: Privacy and infosec is a team sport. We make it easy to collaborate.
• Overview: Privacy and infosec is complicated enough as it is. Wired Relations makes it easier to get an overview - not harder.
• Organising for GRC: The trick is to organise your processes and workflows so that you can sustain your programme.

"So first of all, OG privacy people who were scrappy and had to fight really hard to get any kind of budget and to even get people to understand that this was a necessary component of a business. They're ready for anything," Shoshana Rosenberg says in this podcast.

We discuss:
- The future of AI and whether privacy people are equipped to take that on.
- The importance of privacy in feedback and inclusion data
- ... and how Shoshana ran towards a career in privacy

Shoshana Rosenberg is a chief AI governance and privacy officer at WSP in the US, founder of SafePorter, a Privacy-by-Design engangement feedback and diversity and inclusion tool that won the PICASSO EU Privacy Award in 2023. Moreover, she is the programme advisor to Logical AI Governance. Find her on Linkedin: https://www.linkedin.com/in/shoshanarosenberg/

Your host: Jacob Høedt Larsen, follow me on Linkedin for more news and views on compliance and privacy: https://www.linkedin.com/in/jacobhoedtlarsen/

Sustainable Compliance is brought to you by Wired Relations - read more about it here: https://www.wiredrelations.com

Wired Relations is a GRC solution - tailored for privacy and information security.

We help organisations turn fragile privacy and information security into sustainable GRC programmes.

We focus on four things:

• Ease-of-use: You don’t need consultants to implement Wired Relations and you don’t need training to use it.
• Collaboration: Privacy and infosec is a team sport. We make it easy to collaborate.
• Overview: Privacy and infosec is complicated enough as it is. Wired Relations makes it easier to get an overview - not harder.
• Organising for GRC: The trick is to organise your processes and workflows so that you can sustain your programme.

"My life has been filled with epiphany moments, you know,  moments where the scales have fallen from my eyes and I thought, ah, get it," says Emma Martins in this interview.

For a number of years Emma Martins was the Data Protection Commissioner at the Office of the Data Protection Authority of the Channel Islands. She now advises on data protection matters.

In this interview, Emma Martins talks about her epiphany moments that led her to a career in data protection. We talk about why data protection is important, what excites her about it and what she is worried about ... and much much more.

Your host: Jacob Høedt Larsen, follow me on Linkedin for more news and views on compliance and privacy: https://www.linkedin.com/in/jacobhoedtlarsen/

Sustainable Compliance is brought to you by Wired Relations - read more about it here: https://www.wiredrelations.com

Wired Relations is a GRC solution - tailored for privacy and information security.

We help organisations turn fragile privacy and information security into sustainable GRC programmes.

We focus on four things:

• Ease-of-use: You don’t need consultants to implement Wired Relations and you don’t need training to use it.
• Collaboration: Privacy and infosec is a team sport. We make it easy to collaborate.
• Overview: Privacy and infosec is complicated enough as it is. Wired Relations makes it easier to get an overview - not harder.
• Organising for GRC: The trick is to organise your processes and workflows so that you can sustain your programme.

At TDC NET they have a strong privacy and security culture. No system or vendor enters the network without being thoroughly vetted by both data protection and information security. This happens due to a governance model that is anchored in the organisation and has buy-in at top management.

TDC NET provides a great part of the digital infrastructure in Denmark, through fixed-line and mobile networks.

In this podcast, Jacob Høedt Larsen, talks to Head of Privacy Compliance, Mona Persson about how they make it work.

They discuss:

1. How the governance model is set-up
2. How a new system or a new vendor goes through the governance process
3. What it takes to make it all work

You'll gain practical insights into how to set-up your own process.

Your host: Jacob Høedt Larsen, follow me on Linkedin for more news and views on compliance and privacy: https://www.linkedin.com/in/jacobhoedtlarsen/

Sustainable Compliance is brought to you by Wired Relations - read more about it here: https://www.wiredrelations.com

Wired Relations is a GRC solution - tailored for privacy and information security.

We help organisations turn fragile privacy and information security into sustainable GRC programmes.

We focus on four things:

• Ease-of-use: You don’t need consultants to implement Wired Relations and you don’t need training to use it.
• Collaboration: Privacy and infosec is a team sport. We make it easy to collaborate.
• Overview: Privacy and infosec is complicated enough as it is. Wired Relations makes it easier to get an overview - not harder.
• Organising for GRC: The trick is to organise your processes and workflows so that you can sustain your programme.

The Powerpoint-presentation: https://3963040.fs1.hubspotusercontent-na1.net/hubfs/3963040/Webinars/Pr%C3%A6sentation%20til%20andre%20BU%20-%20Wired%20(english).pptx.pdf

Follow Mona Persson on Linkedin: https://www.linkedin.com/in/monapersson/