Building a Balanced Privacy Program

Linda Thielová serves as Head of Privacy, COE, and DPO at OneTrust, the #1 most widely used privacy, security, and trust technology platform. In her role, Linda provides guidance on GDPR, EU privacy, and global privacy related obligations to support customers and product innovation. She’s responsible for overseeing OneTrust’s data protection strategy and implementation to ensure compliance with GDPR requirements.

Linda also conducts training and workshops on the global privacy landscape and regularly contributes to various publications and conferences. Additionally, she is a multi-certified Information Privacy Professional.

Here’s a glimpse of what you’ll learn:

• Linda Thielová shares how her career has evolved into her current position at OneTrust
• What are successful companies doing to balance privacy and technology?
• Potential opportunities for businesses as new privacy laws come into play
• How companies are navigating privacy laws that don’t quite line up
• Advice for starting your company’s first privacy program
• Why data maps are essential in case of a data breach
• The biggest challenges that businesses face today in the ever-changing privacy landscape
• Linda’s best tip for privacy professionals: don’t get burned out

In this episode…

The privacy and security landscape is constantly shifting and more and more regulations are being introduced. How can you build a suitable privacy program when the laws don’t always line up?

The most successful companies have an element of agility in their privacy programs. The key is striking the right balance. This means adjusting to whatever law crosses the board, while also focusing on the ultimate goal — building trust with your key stakeholders. Successful companies recognize the need to comply, but they also ask themselves: why are we doing it? And how are we benefiting both the business and those stakeholders in the process?

In this episode of the She Said Privacy/He Said Security podcast, hosts Justin and Jodi Daniels are joined by Linda Thielová, Head of Privacy, COE, and DPO at OneTrust, to talk about building a balanced privacy program. Linda shares examples of companies who are successfully navigating new privacy laws, the importance of a data map, and the biggest privacy challenges that businesses face today.

Resources Mentioned in this episode

• Linda Thielová on LinkedIn
• OneTrust
• Jodi Daniels on LinkedIn
• Justin Daniels on LinkedIn
• Red Clover Advisors’ website
• Red Clover Advisors on LinkedIn
• Red Clover Advisors on Facebook
• Red Clover Advisors’ email: info@redcloveradvisors.com

Sponsor for this episode…

This episode is brought to you by Red Clover Advisors.

Red Clover Advisors uses data privacy to transform the way that companies do business together and create a future where there is greater trust between companies and consumers.

Founded by Jodi Daniels, Red Clover Advisors helps their clients comply with data privacy laws and establish customer trust so that they can grow and nurture integrity. They work with companies in a variety of fields, including technology, SaaS, ecommerce, media agencies, professional services, and financial services.

You can get a copy of their free guide, “Privacy Resource Pack,” through this link.

You can also learn more about Red Clover Advisors by visiting their website or sending an email to info@redcloveradvisors.com.

Episode Transcript

Intro 0:01  

Welcome to the She Said Privacy/He Said Security podcast. Like any good marriage we will debate, evaluate, and sometimes quarrel about how privacy and security impact business in the 21st century.

 

Jodi Daniels  0:21  

Hi, Jodi Daniels here. I’m the Founder and CEO of Red Clover Advisors, a certified women’s privacy consultancy. I’m a privacy consultant and Certified Information Privacy professional and provide practical privacy advice to overwhelmed company.

 

Justin Daniels  0:36  

Hi, Justin Daniels here I am passionate about helping companies solve complex cyber and privacy challenges during the lifecycle of their business. I am the cyber quarterback, helping clients design and implement cyber plans as well as help them manage and recover from data breaches.

 

Jodi Daniels  0:53  

And this episode is brought to you by Red Clover Advisors. We help companies to comply with data privacy laws and establish customer trust so that they can grow and nurture integrity. We work with companies in a variety of fields, including technology, SAS, ecommerce, media and professional services. In short, we use data privacy to transform the way companies do business. Together, we’re creating a future where there’s greater trust between companies and consumers. To learn more, visit redcloveradvisors.com. I see that basil has joined your microphone over there.

 

Justin Daniels  1:30  

He joins everything else. For those who are just

 

Jodi Daniels  1:33  

joining us Basil is our dog who sometimes likes to join our conversations. But today we have a very special guest, we have Linda Thielová, who serves as Head of Privacy, COE, and DPO at OneTrust, the  most widely used privacy, security and trust technology platform. In her role, Linda provides guidance on GDPR EU privacy and global privacy related obligations to support customers, and product innovation. She’s responsible for overseeing OneTrust, data protection, strategy and implementation to ensure compliance with GDPR requirements. She also conducts training and workshops on the global privacy landscape, which changes about every hour, and regularly contributes to various publications and conferences. Linda is a multi Certified Information Privacy professional. Welcome to the show, Linda.

 

Linda Thielová  2:28  

Oh, thank you so much for having me, Jodi, and just I’m really excited to join you today. And bezel of course.

 

Jodi Daniels  2:34  

Absolutely, yes.

 

Linda Thielová  2:36  

It was asleep. Oh, we’re not exciting enough for him. Oh, wow. Actually,

 

Jodi Daniels  2:41  

he had a really rough morning. Physical Therapists. Case all tired out. Nice. Yeah, get started.

 

Justin Daniels  2:49  

Let’s get started. So Linda, we always like to ask our guests is how did your career evolve to its current position?

 

Linda Thielová  2:57  

That’s a really good question that I sometimes get. And I’m still trying to come up with some like cohesive answer to it. Because I feel like I don’t know maybe it’s just me. But a lot of people, including me, I’m hoping just sort of find themselves stumbling into privacy from different fields. So I think I was something like that myself. And by the way, if you’re hearing dog in the background, that’s Roque saying hi, as well, my dog. But I think I was similar to many people, I was drawn into privacy through work in corporate law. So I was an in house counsel. And before that, I actually was working also in judiciary and this administrative law. And I think the common theme there was that, more than anything, I was kind of interested in human rights and constitutional law, which is super cool, but doesn’t really pay well or doesn’t really generate too many spots. And so I was trying to figure out, okay, I really excited about talking to people, I’m really excited about human rights, and I still feel like I want to land in private sector. And then somehow I found that privacy is actually kind of combination of all of these things and works for me in that way. So I was drawn more and more into privacy compliance, because no one was really doing it in the company that I worked for previously. So I ended up setting up the privacy program and just sort of, you know, deep diving into all the fun issues around the marketing and privacy and all this fun stuff around like what are cookies, what are triggers and all that and then it just sort of, I don’t know, it’s like a rabbit hole. It just got me in and kept sucking me in and here I am.

 

Jodi Daniels  4:47  

Well, I love cookies. I think they’re great. I kind of prefer chocolate chip, but the digital kinder, okay. And I alluded to and it kind of made fun that it feels like the privacy regulations are changing. You know, Every every hour and in your role, you’re working with a lot of different types of companies implementing privacy programs, can you share what you think successful companies are doing to balance, Privacy and Technology?

 

Linda Thielová  5:15  

You’re right, that landscape, it just keeps shifting really quickly. And I think the successful companies that we work with recognize that there always has to be some element of agility to what they’re doing with their privacy programs. But I think that the key element is striking the right balance, about being able to respond and to be adjusted to whatever is happening next, next chapter Privacy Shield next to us state level law, versus keeping in mind the bigger goal, which is, as you mentioned earlier, you’re doing as well just try trying to use privacy as a segue into building trust with your key stakeholders, be it your customers, be your key vendors. So I think the best businesses are really succeeding in privacy, have the right program setup where they’re trying to incorporate whatever new is happening into their underlying goals around well, we need to comply, but why are we doing it? And how are we actually benefiting both the business and those stakeholders like our customers in the process? I know, it sounds like a very, very tough riddle, but there might be some answers to it.

 

Jodi Daniels  6:32  

So I’m gonna ask follow up question, which is, a lot of times companies think if I just get technology, I’m done. What are what are your thoughts on on that notion? I wish it were true.

 

Linda Thielová  6:44  

But honestly, technology is great. Automation is amazing. I love it. But it’s still like a machine. So I think it would be like the equivalent of you getting yourself amazing fancy fitness machine, but never actually getting around using it. So I feel like there has to be that element of you taking in that technology, and putting it to use and really making sure that there is the whole process built around how you’re using it. So accountability, having people who own certain things, making sure that privacy isn’t like one person’s job and and company, but that there is visibility into what’s happening. And then technology can sort of slow itself in and take care of the heavy lifting the heavy work around privacy, but it doesn’t Unfortunately, due to for you, as much as we totally love.

 

Jodi Daniels  7:43  

I couldn’t agree more.

 

Justin Daniels  7:45  

So where do you see opportunities for companies as more privacy laws come into scope?

 

Linda Thielová  7:51  

That’s a really good question, Justin. And I feel like every business is going to be slightly different just based on where they find themselves in terms of what they’re providing a services, or what kind of sector they’re at thought, I think privacy is a really good opportunity for businesses to take a little bit of a lay of the land in terms of what sort of data they have and how they’re using it, and maybe uncover opportunities for how they can tap into the potential of data usage a little bit better. So I think, in a way, I imagined privacy as a way for business to be more aware and more interconnected and intentional, around what they’re doing with their data, I knew that there is this whole phenomenon by I guess, expressed by so many people around like privacy means we need to drop everything, delete everything and stop using the data. But I feel like if businesses are actually more intentional and more transparent about how they’re using the data, they can actually accrue more data through trust of their customers or their vendors. And they can actually build a very solid foundation and strategy around how they’re processing personal data. And that whole transparency element can then feed into that longer term trust and relationship with the customers. So I know that sometimes sounds too good to be true. But I’m very, very, like convinced that this can be achieved, and that it is a goal worth fighting for and working towards every day.

 

Jodi Daniels  9:28  

One of the challenges I see companies have is there’s so many different privacy laws. And they don’t always exactly line up. And let’s take the definition of sensitive data that they’re they’re not perfectly equal or individual rights. They’re close, but not quite. I’d love to hear a little bit about maybe what you’re seeing in terms of how companies are lining that up or how it will end or how the technology is helping companies sort through these different challenges.

 

Linda Thielová  9:57  

Yeah, no, that’s a really good example that you should Hearing there and honestly, like, the next floor, which has like, another version of sensitive data definition is just going to kill me. But I bet is coming out probably in the next hour anyway, I think, honestly, we are seeing generally on the operational side businesses taking it on in a more global approach, or at least that’s kind of what I’m seeing. Because I think with the GDPR is started off where everyone was sort of hyper focused on one law, and then all the others started rolling in. And people were like, Okay, we just can’t keep building things sort of parallel, but not together. So right now, everyone’s just looking for, where there are commonalities and overlap for versus where there are some unique things that they need to sort of hyper zoom in on with each new coming laws. So I think that approach of let’s not reinvent the wheel is like the first piece. And you’re exactly right God that I see a lot of technology being brought in to help and to do the heavy lifting. So definitely a huge spike in data discovery and the use cases around data discovery, helping identify sensitive data and helping with the data tagging, in terms of also being able to allocate what matches the sensitive data tags with respect to which jurisdiction is definitely a big one. And I think it sort of ties into that whole idea of what I mentioned earlier, like being able to understand what sort of data you have who’s touching that data? Where is it going to? How long are we supposed to hold on to it. And I think the integrations and data discovery systems, as well as then applying some retention policies and automation around it is just like making it much, much easier in my head to, you know, wrap your head around all of these new laws as a business. But I’d be curious what you think, are like the better ways to deal with it as well.

 

Jodi Daniels  12:00  

While we certainly see that approach, part of the challenge, though, is if we just compare the US to the EU, which is a really common comparison that we see our clients there, some of them are different. If we think about marketing, I don’t know if I always want to take an opt in approach in the US because especially from a consumer driven standpoint, it’s the US is much more forgiving. And compared to the EU, I do see companies not doing it that way, they kind of have the US market as one, and then they lump everybody else into into another approach. From an individual rights perspective, I certainly do think the as, as more companies keep, let me rephrase, as more laws keep passing, then I think you’ll have more consumers that keep understanding what it is that they can do, then you’ll have more actual execution on individual rights. And then I think that’ll be a push up for the need for technology, there’s still a lot of companies where they might just get a trickle. And the technology is not necessarily there. And instead, we have a really long comparison chart of all the different individual rates, and at the rate, we’re going I’m gonna need, like the panoramic size, paper or, you know, PowerPoint to be able to compare them all. But that I think is a bit of the reality is for some of the smaller companies or just a large company, but they don’t have a lot of requests yet, because of people don’t know, as you get more and more, then people are going to start to compare and execute. And then it’ll push the need up for technology. But overall, everyone just can’t wait. Just have one law. That’s what companies

 

Linda Thielová  13:39  

Yeah, no, I love that. And you’re exactly right about like the idea of meeting the critical mass kind of threshold where people graduate from Excel sheets into more of the automation. And that’s obviously different for each business. So yeah, totally, totally see that. And we talked to a lot of businesses were exactly like in the same boat. They’re like, Well, we, we could manage with these laws. But now this one is just the breaking point, because it’s just spiking all of the requests, and we can’t deal with it manually anymore. Yeah.

 

Justin Daniels  14:10  

So for companies who might be first starting their program, where do you suggest they start?

 

Linda Thielová  14:15  

It can be very intimidating. I

 

Justin Daniels  14:18  

five signing up for the OneTruste course.

 

Linda Thielová  14:23  

Yeah, just make it Yeah, exactly. I think duty services would be super helpful in that. I think, and I’m sorry if I keep repeating myself, but I think like the biggest goal here is to understand what’s happening with your data. What is the business actually up to in broad strokes in terms of the data and don’t get me wrong, I know it can be like a bit of a rabbit hole where you’re trying to you know, figure it out all the way down the vendor chain, who’s who’s accessing the data, but what I’m more talking about is really like the broad idea If Well, most of our data processing is relating to these purposes, and we are sending the data roughly to these jurisdictions, these are like key vendors, potentially highest risk vendors. And these are key business owners for the data, key stakeholders who have interest in what’s happening with the data. And I think once you have that sort of picture, that sort of data map that you’re building, that would be like a perfect springboard for then figuring out okay, what does it mean, for us, it means perhaps, that these laws are in scope. And these are the key obligations that we need to prioritize. But I would just underscore that this is a marathon, not a sprint, because as someone who was trying to like create privacy program from nothing I can definitely attest, I can feel like you’re burning yourself out really fast if you don’t pace yourself. And if you don’t make sure that everybody has their kind of buying into it across different departments. So pace yourself, create alliances, don’t take yourself too seriously. Yeah, make sure to relax and breathe. Those are also some of the suggestions I would have. But I didn’t know what do you think, Justin? Do you have some tips for the people who are starting out with the program?

 

Justin Daniels  16:19  

Well, from my perspective, if I get brought in to handle a data breach or a ransomware event, when your network is encrypted, you don’t know where the data is, because you can’t access it. So when I’m thinking about these programs, like you alluded to, and God talks about is it seems the data map has always got to be that first step to understand what data do you collect what different functions collected? Where does it go, especially with the pivot to the remote workforce, you’re just now in a situation where if you do get into a ransomware event, or a data breach, and your network is encrypted, you just don’t know where the data is. And without a data map, data now shows up in very funny places. It’s kind of like digital water, it just goes to where there’s cracks and finds its way through and having dealt with GDPR, you get 72 hours before you have to inform of a data breach, which in the data breach world, you don’t really know a whole lot and 72 hours.

 

Linda Thielová  17:22  

Yeah, no, I can, I can only agree it’s nerve racking to be dealing these sorts of timelines. And I definitely don’t envy those businesses who encountered first major data breach without, as you say, any data catalog in place, or any SOPs are processes for dealing with data breaches in place. So I can only imagine as your I kind of envision your role as a surgeon where you’re sort of brought in, and it’s not good, like the situation isn’t great, and the patient is struggling, and you’re just trying to, you know, get them back on track and sort of in a sustainable state, and then sort of handed over with your instructions for what to do. And yeah, that’s, that’s next level thing. So for me, I would my my recommendations are more of like, I come to a GP and this is what the GP prescribes, whereas you’re really next level. Hardcore situations, stressful stuff. So yeah, I can add,

 

Justin Daniels  18:26  

Justin, I can be the data breach doctor. But actually, Linda, where it really helps is, most people don’t come across a transactional lawyer negotiating a contract who’s handled data breaches. So we get into the privacy and security and how all that intertwines. The other side is put in a really tough spot when you can talk to them chapter and verse why these things need to be in there. Because if we have a data breach or a ransomware event, this is why all of this matters. And if they haven’t handled it, they don’t have the perspective. And what you and Jodie do are a real necessary precursor to being able to deal with a data breach, which is a cost of doing business. Now, you can’t assume it won’t happen to you. That’s just not the case anymore. So what you are doing with Jodi here, that first line of processing defense. Now, that’s

 

Linda Thielová  19:16  

really nice way of putting it and you’re exactly right. It’s not if it’s when So, yeah, let’s let’s hope that we can mitigate as much as possible ahead of time. Yeah.

 

Jodi Daniels  19:27  

So in the spirit of finding the data, there are different modules that can help do that. There’s, you know, a data mapping module and assessment module that’s a little bit it’s automation, but it’s a little bit still have a manual kind of interview style. And then there’s for some companies where that automation and data discovery is really helpful. And there, you still need some human capital behind it to kind of make sense of everything that’s there and connect the dots. Can you share a little bit about maybe when companies should think of one approach over the other or where you’ve seen some success stories?

 

Linda Thielová  19:59  

Oh, Thank you, I think you’ve outlined these approaches really well. And I guess I’m not going to be surprising when I say that the best success stories come up when there’s a combination of these approaches, you’re exactly spot on that the data discovery can be extremely helpful. But I also see it heralded as something that is really not like you have a lot of privacy professionals going into data discovery, talking to our teams, and saying, We want everything we want information about all the data we have a can get really overwhelming really quickly. So I think there are, as you’re saying, there needs to be a human element in terms of weeding out what sorts of data is actually critical that the business actually wants to learn about. The obvious benefits with data discovery is that you learn about the situation on the ground, not what’s on paper, not what’s in your policies, which is, I think, the necessary reality check, which is going to be extremely helpful, especially for businesses who have already done their first touch points around privacy, who thinks their data map is accurate. And now they’re offered a reality check of what is actually happening. So that’s where I see the data discovery sitting. On the other side, I think, the assessment automation and the data mapping pieces, which are arguably a little bit more manual, and that rely on the business owners, and that information from them can be extremely helpful, especially in those earlier stages, where you’re looking more for context and understanding of why do we actually have this partnership? Why do we have this vendor accessing the data? What are the tools serving, which divisions are actually drawing from that vendor tool. So I would recommend these as a first touch point for businesses in terms of building out that comprehensive data map. And unless there some really compelling reasons that otherwise I would recommend to lost out the big guns with data discovery a little bit later on the in the process, or at least that’s kind of what we’re seeing with most businesses, they’re kind of on top of their data mapping game.

 

Jodi Daniels  22:20  

So what I always tell people is a lot of times the tools if you know which systems and what the data is in, I say, well, that’s great, you know, the data is in that system. But it doesn’t tell you why you have it in the first place, or really who you’re sharing it with? Or should you be? Is it a sale under California? Is it a share under California, all of those are extra questions. And that combined approach of that system driven find the data plus the business process approach, that we really take a business process approach of understanding data inventories to gather, you’re then able to have that strong foundation that everyone’s been talking about. But then you get to do the other parts of a privacy program, you need it, to write a privacy notice you need it to be able to figure out those individual rights because they’re not all created equal. And then you’re able to protect and do all the other things connected to it. So I really appreciate that you brought out both of those really important points.

 

Linda Thielová  23:17  

No, I love that as you’re making that connection, and you’re exactly spot on. For me personally, I’m always the happiest when I find the right business owner when I actually find the person or the persons who can tell me about what’s actually happening there with that processing. And because those people are going to be critical for you, not just at this point in time, but hopefully there’ll be also help helping you as you’re updating it and maintaining it, because that’s another fun part of this whole exercise. So yeah, that’s exactly right. As you’re saying these two things just go hand in hand understanding of what’s happening with the data plus why and the business functions behind it.

 

Justin Daniels  23:58  

So kind of changing veins a little bit is, what are some of the biggest challenges you find that companies are facing today, in this ever changing landscape?

 

Linda Thielová  24:08  

I think you’ve said it yourself. Just then one of the biggest challenges is just the fact that it’s changing so quickly. And the requirements seem to be growing not just out of the regular avenues like EU law, but it feels like right now the stakes are even higher due to a huge number of landmark cases which we’re seeing emerging like the friends do, or well, so many in Europe these days. And I expect that with CCPA CPRA, we might start seeing a lot of the case laws will emerging in the US. So that would be another element to it. And I feel like a lot of what we’re seeing businesses struggle with is also not necessarily generated through those laws, but some sort of privacy advocacy that is becoming more and more prominent. So right now, when I’m talking to a lot of businesses, the customers would not necessarily be as worried about, for example, enforcement action, but they’re worried about their PR and getting bad press, if some NGOs which are focused on privacy, find that their cookie banners are not compliant or not necessarily spot on in terms of the expectations around consumer privacy. So I feel like that element of public scrutiny and that sort of expectation around what you’re supposed to be doing with your data, and how transparent you’re supposed to be, is that kind of challenge that a lot of businesses are facing on top of that whole, ever shifting landscape. It’s a challenge. It’s also an opportunity, depending how you look at it, but it definitely adds to the pressure and ups the risks, but it also brings privacy into the boardroom. And it just helps us maybe do the right thing, because now everybody’s watching. I don’t know, I would be really curious about your opinion, what are some of the bigger challenges you’re seeing, especially I think, the data breaches, I keep thinking about them, but not sure if there’s something more there as well.

 

Justin Daniels  26:14  

I think an important recent occurrence is the SEC, the Securities and Exchange Commission bringing out their disclosure requirements around cyber that go into comment, and it’ll be done around May 8. And I think that will directly impact not only publicly traded companies, but also the ones who do business. Because now if I’ve got to disclose what my cyber plans are, that necessarily means I need to be doing the data mapping and the privacy because as I like to say, privacy is the peanut butter and cybersecurity is the jelly. So discontinuing regulatory landscape, you’re just seeing regulators and states are moving in the United States, because the federal government can’t seem to get their act together to pass a law similar to a GDPR. Where it’s a unifying law.

 

Linda Thielová  27:06  

No, you’re exactly right. And and I totally agree with you that what I’m seeing is definitely much more interconnection between or so the cybersecurity laws are now becoming more and more intense, also on requirements that we would normally expect from privacy laws, just as you’ve said, and I’m seeing very, very similar overlaps also between requirements around ethics and whistleblowing. And that whole data governance piece. Now we’re moving into, I think, especially EU is now moving into this whole new strategy around data, which is very over, I guess, overarching, encompassing AI, and all of the machine, machine driven Internet of Things and all the fancy titles. So I see a lot of overlaps between areas of law, which were not necessarily previously connecting to privacy. And now we are all of us kind of on the same boat, and we collaborate because it’s it’s the stakes are that much higher. And it’s all of our interests actually get things right with privacy and data management.

 

Jodi Daniels  28:17  

I think the challenge that I see, we’ve talked about the different laws and data mapping and finding all of that information is also where privacy sits. Smaller companies don’t have anyone who’s paying attention, large companies have maybe a team, but they’re in any size, organization, privacy is reliant on the whole organization, you need to understand what marketing is doing and what HR is doing, and the product team and maybe the sales team and the customer support team. It’s all interconnected. And that, to me is a challenge. And I was interested to know, where do you see in organizations with customers where privacy fits.

 

Linda Thielová  28:57  

And I agree with you that this is a very specific challenge. And I see businesses dealing with it in a unique set of ways. So this will boil down to, as you say, like size of the company, whether it’s centralized or spread out. I have been really impressed with a couple of businesses that were not really granted with a huge budget for privacy teams. So they were operating a relatively small privacy team. But they did manage to assemble like an army, I would almost call it privacy champions within the different business units, who were our time actually supporting them on a lot of privacy initiatives and who were creating that insight into what’s happening within each of the departments. So I would say that you can do effective privacy on a smaller budget, but you have to recognize that there needs to be some sort of strategy around how Each of these teams are benefiting each other. So it can’t be that the privacy is just sort of taking from the other teams. But we need to think hard as privacy professionals around okay, what is it that we can offer marketing? What is it that we can offer sales? Is there something we can do to make their lives easier, maybe in terms of I didn’t know vendor review processes, or I don’t know, supporting sales deals and cutting down on the negotiation times and things like that. So I feel like if there is good communication there and mutual understanding of what we can get from each other, it can be done on budget and with fewer people. But still big admiration for the companies that do it. It’s definitely like the easiest task. Yeah.

 

Justin Daniels  30:44  

So one thing we ask all our guests that we would like to ask you is what is your best privacy slash security tip? Hmm,

 

Linda Thielová  30:52  

I would say that, on a very individual level, my best tip would be, don’t let yourself get stale or burned out. And what I mean by that is that very often, I feel like we get as privacy professionals, we get overwhelmed with the sort of day to day work that we’re dealing with. And we don’t really give ourselves the chance to read up on things which are not necessarily impacting us day to day, but are interesting and are within privacy’s fear. So things like AI or machine learning, and maybe I really enjoyed your episode about drones, even though onetrust is not yet fingers crossed, breeding any drones as a business. So I would recommend for for everyone to basically locate themselves a little bit of time to just learn and sort of read up on things that are interesting to keep arguing for them and privacy and just to keep the relationship with privacy alive.

 

Jodi Daniels  31:57  

I think your day was me no.

 

Justin Daniels  31:59  

Well, I was gonna say I was, I watched with interest about some of the latest e rulings around AML and KYC. When it relates to crypto, the ruling they had, where they were not going to ban proof of work, Bitcoin mining. So those areas where privacy is heading into these new technologies is just fascinating.

 

Jodi Daniels  32:20  

is Linda, when you are not reading or listening about drones and managing privacy and security issues, what do you like to do for fun? Um,

 

Linda Thielová  32:33  

I think we actually touched on that earlier Jodi. So when I’m not working, I’m sort of running behind my dog, I have a very, very active young dog, she’s a border collie cross. And she is like, the perfect antidote to all the office work because she forces me to go outside to run around with her to get muddy and just totally focus on something else and, and be outside and have fun with her. So she’s very demanding to so there are no excuses. I just can’t escape. So that’s, that’s kind of my thing. I’m new dog parents. So I’m new to the whole dog walking community thing. So it’s really exciting for me. How about you too, would you to do to just relax and unwind a bit?

 

Jodi Daniels  33:22  

Well, we have two girls that keep us on our toes. And, and a furry creature that also makes us get out. But we also enjoy the out the outdoors, Justin’s favorite activity, that indeed it is estimated list.

 

Justin Daniels  33:36  

I know, especially when I’ve been to England a few times, you know, I was actually there when they voted on Brexit. And when they implemented GDPR.

 

Linda Thielová  33:45  

Wow. So we’re just choosing cherry picking the landmark times to come and visit. That’s sweet.

 

Justin Daniels  33:52  

I was at a conference speaking but that’s another thing we like to do is travel around and we’re getting to do that. But

 

Jodi Daniels  33:59  

that’s it. Well, Linda, it’s been such a pleasure to have you on and talk about all things privacy, if people want to connect with you, where is the best place to do so

 

Linda Thielová  34:08  

I would definitely recommend for anyone to reach out to me on LinkedIn, that’s probably the safest, easiest way to get in touch. And I’d be really keen to get some discussion going. It’s always nice to bounce ideas around with fellow privacy professionals. So please don’t hesitate to reach out to me.

 

Jodi Daniels  34:24  

Wonderful. Well, thank you again for joining us. We really appreciate it.

 

Linda Thielová  34:28  

Thank you. Thank you so much for having the audience.

 

Outro 34:34  

Thanks for listening to the She Said Privacy/He Said Security podcast. If you haven’t already, be sure to click Subscribe to get future episodes and check us out on LinkedIn. See you next time.