Of DPIAs and Negotiations - Dealing with Big Tech (with Sjoera Nas)

This week on Serious Privacy, Paul Breitbarth and K Royal speak with Sjoera Nas. Sjoera is a long time privacy professional and privacy activist. She became involved with digital rights in the late 1990s and early 2000s, while working for the Dutch internet service provider XS4all, and later for civil rights group Bits of Freedom. But Sjoera is probably best known for her work at the Dutch Data Protection Authority, where she took the lead within the so-called Internet Team, leading investigations into anything that was happening online, from cookies and trackers, to interactive television, search engines, and picking long fights with ICANN on their WhoIs register and telco’s on data retention. Since four years, Sjoera is a consultant for Privacy Company, still based out of the Netherlands, but doing work with global impact. Together with her team, she writes extensive data protection impact assessments on a range of cloud services, like Office365, Google Workspace and Microsoft Sharepoint and OneDrive. Her customer: the Dutch government and higher education system, which surely helps when it comes to negotiating risk mitigation measures. During this episode, we talk at length about conducting technical deep dive DPIAs, that everyone can benefit from, and negotiating risk mitigating measures with Big Tech. But we also cover international transfers (remember those?) and Google Analytics alternatives.As always, please feel free to share your thoughts with us - therewill be a year end show on the best episodes. Get your vote counted! Follow us on LinkedIn as Serious Privacy and on Twitter @podcastprivacy @EuroPaulB and @HeartofPrivacy. ResourcesThe blog posts linked below contain the summaries of each of the DPIAs referred to during the podcast. Via the blog, you will also find the full DPIA document, including annexes, to read. Even though they are lengthy, we highly recommend reading and using them if your company uses any of these products.The Privacy Company blog Blog post about the DPIA for Microsoft Sharepoint, OneDrive and TeamsBlog post about the DPIA for Google WorkspaceBlog post about the DPIA for Office365Blog post about Google Analytics alternatives (in Dutch only)SLM Rijk (the Shared Service Center for the Dutch Government) DPIA Overview The NoGA project (No Google Analytics) If you have comments or questions, find us on LinkedIn and IG @seriousprivacy @podcastprivacy @euroPaulB @heartofprivacy and email podcast@seriousprivacy.eu. Rate and Review us! Proudly sponsored by TrustArc. Learn more about NymityAI at https://trustarc.com/nymityai-beta/ #heartofprivacy #europaulb #seriousprivacy #privacy #dataprotection #cybersecuritylaw #CPO #DPO #CISO

Om Podcasten

For those who are interested in the hottest field in a technology world. Whether you are a professional who wants to learn more about privacy and data protection or someone who just finds this fascinating, we have topics for you from data management to cybersecurity to social justice and data ethics. In-depth information on serious privacy topics. This podcast, hosted by Dr. K Royal and Paul Breitbarth, features open, unscripted discussions with global privacy professionals (those kitchen table or back porch conversations) where you hear the opinions and thoughts of those who are on the front lines working on the newest issues in handling personal data. Real information on your schedule - because the world needs serious privacy. Follow us on Twitter: @PodcastPrivacy or LinkedIn