Send us Fan Mail

In this episode of The Data Diva Talks Privacy, Debbie Reynolds, "The Data Diva" speaks with Rowenna Fielding, Director of Miss IG Geek, about data ethics, privacy, governance, and the human impact of how organizations collect and use data. Rowenna shares her unconventional path into privacy, beginning in theater and information technology before eventually specializing in information governance, data protection, and data ethics. She explains how her work evolved as she became increasingly interested not only in legal compliance but also in the broader consequences of the way organizations make decisions about people using data.

The conversation explores the distinction between compliance and ethics, and why organizations often assume that following policies, regulations, or technical controls automatically leads to ethical outcomes. Rowenna argues that data is not neutral or objective but is instead the product of human choices, incentives, and assumptions. Debbie and Rowenna discuss how organizations frequently collect and use data without fully considering whether the data is appropriate, whether it should be collected at all, or whether its use could unintentionally cause harm.

They examine the challenge of defining harm in the context of privacy and data protection, particularly when the effects are psychological, social, reputational, or otherwise difficult to measure. The discussion includes comparisons to health and safety frameworks, highlighting how organizations can build systems, governance structures, incentives, education programs, and cultures that make responsible data use the default rather than the exception. Rowenna explains how GDPR's foundation in fundamental rights provides a useful framework for evaluating ethical questions and why organizations must think beyond legal compliance to consider the broader impact of their actions on individuals and society.

The episode also explores corporate social responsibility, ESG, organizational values, and how leaders can establish meaningful ethical boundaries in environments where technology is advancing faster than regulation or societal norms. Throughout the conversation, Debbie and Rowenna challenge organizations to think critically about what it means to use data responsibly and how privacy programs can move beyond box-checking exercises to become part of a broader commitment to reducing harm and protecting people.

By popular demand, Debbie Reynolds Consulting is now offering executive briefings on emerging data privacy risks and how companies can avoid them. To learn more, visit the Executive briefings page on my website.

Support the show

Become an insider, join Data Diva Confidential for data strategy and data privacy insights delivered to your inbox.

💡 Receive expert briefings, practical guidance, and exclusive resources designed for leaders shaping the future of data and AI.

👉 Join here: http://bit.ly/3Jb8S5p

Debbie Reynolds Consulting, LLC

Send us Fan Mail

In this episode of The Data Diva Talks Privacy, Debbie Reynolds, "The Data Diva" speaks with Eric Null, Director, Privacy & Data Program at the Center for Democracy & Technology, about the current state of privacy in the United States and the ongoing effort to establish comprehensive federal privacy legislation. Eric shares his unique journey from studying classical clarinet performance to becoming a leading advocate for privacy and consumer rights, explaining how his work in technology policy, net neutrality, broadband privacy, and consumer protection shaped his perspective on privacy as an issue fundamentally connected to power and control.

The conversation explores how information functions as a source of power in the digital age and why the collection, processing, and use of personal data can create risks ranging from manipulation and profiling to broader concerns about autonomy and control. Eric discusses his early work involving children's privacy, broadband privacy, and consumer protection, including efforts to strengthen privacy protections through the Federal Communications Commission and the Federal Trade Commission. He explains how the growth of the "free" Internet business model has created an environment in which individuals often exchange large amounts of personal information in exchange for access to online services, incentivizing extensive data collection and monetization.

Debbie and Eric examine the current U.S. privacy landscape, including the sector-specific approach taken by laws such as HIPAA, the Gramm-Leach-Bliley Act, and COPPA. They discuss the Federal Trade Commission's role as the primary federal privacy regulator and how the agency's authority has historically relied on preventing deceptive and unfair practices rather than establishing broad data rights. The discussion explores the limitations of the notice-and-choice model, in which organizations disclose their practices through privacy policies that consumers rarely read or meaningfully negotiate, and how network effects can limit the practical choices available to individuals seeking to participate in modern digital platforms.

The episode also covers the repeated attempts to pass comprehensive federal privacy legislation, including the American Data Privacy and Protection Act (ADPPA), the American Privacy Rights Act (APRA), and more recent proposals. Eric shares insights into the legislative challenges that have prevented these efforts from becoming law and discusses the policy debates surrounding data minimization, consumer rights, enforcement, and the relationship between privacy and broader concerns about the power of large technology companies. The conversation highlights why privacy remains one of the most important policy issues facing organizations, regulators, and consumers, and why meaningful reform continues to be difficult despite widespread public concern.

By popular demand, Debbie Reynolds Consulting is now offering executive briefings on emerging data privacy risks and how companies can avoid them. To learn more, visit the Executive briefings page on my website.

Support the show

Become an insider, join Data Diva Confidential for data strategy and data privacy insights delivered to your inbox.

💡 Receive expert briefings, practical guidance, and exclusive resources designed for leaders shaping the future of data and AI.

👉 Join here: http://bit.ly/3Jb8S5p

Debbie Reynolds Consulting, LLC

Send us Fan Mail

Doug Austin, Editor of eDiscovery Today

In this episode of The Data Diva Talks Privacy, Debbie Reynolds, The Data Diva speaks with Doug Austin, Editor of eDiscovery Today, about how eDiscovery, data governance, privacy, and artificial intelligence are increasingly interconnected in modern organizations. Doug explains how eDiscovery has evolved from a litigation-focused discipline into a broader framework that supports investigations, audits, incident response, and privacy-related workflows such as data subject access requests.

The conversation explores how AI is generating entirely new categories of data, including chatbot interactions, meeting transcripts, automated summaries, and AI-generated content, all of which may become evidence in legal and regulatory contexts. Debbie and Doug discuss how organizations are struggling to manage this expanding data landscape, particularly as employees adopt AI tools without fully understanding the implications for privacy, confidentiality, and data exposure.

They examine real-world scenarios involving AI note-taking tools and meeting recordings, including cases where sensitive information is captured and shared beyond its intended audience. The discussion also highlights risks associated with uploading confidential information into public AI systems and the lack of awareness around how these tools handle and retain data.

The episode further explores key legal developments, including litigation involving AI companies and disputes over data retention and production, as well as emerging questions around privilege and work product protections for AI-generated content. Debbie and Doug discuss how courts are beginning to address whether interactions with AI systems can be protected and the implications for both represented and self-represented individuals.

The conversation emphasizes that AI is fundamentally reshaping how data is created, stored, and used, and that organizations must adapt their governance, legal, and privacy strategies to manage these risks effectively while maintaining defensible and compliant data practices.

By popular demand, Debbie Reynolds Consulting is now offering executive briefings on emerging data privacy risks and how companies can avoid them. To learn more, visit the Executive briefings page on my website.

Support the show

Become an insider, join Data Diva Confidential for data strategy and data privacy insights delivered to your inbox.

💡 Receive expert briefings, practical guidance, and exclusive resources designed for leaders shaping the future of data and AI.

👉 Join here: http://bit.ly/3Jb8S5p

Debbie Reynolds Consulting, LLC

Send us Fan Mail

Ross Saunders, Head of Ross G. Saunders Consulting

In this episode of The Data Diva Talks Privacy, Debbie Reynolds, The Data Diva speaks with Ross Saunders, Head of Ross G. Saunders Consulting, about privacy engineering and the challenges organizations face when translating legal requirements into technical implementation. Ross shares his background in infrastructure, DevOps, and software architecture, explaining how his experience working with SaaS environments and data breaches led him to focus on bridging the gap between legal, security, and development teams.

The conversation explores how privacy is often treated as a legal or compliance exercise, while in practice it requires integration into system design and development workflows. Debbie and Ross discuss how developers frequently receive requirements that do not align with legal intent, leading to inconsistencies in implementation and increased risk for organizations.

They examine real-world challenges in applying privacy regulations, including age verification requirements and the classification of IP addresses, where technical realities may conflict with regulatory expectations. The discussion also addresses the limitations of focusing on specific technologies, such as cookies, rather than addressing broader issues related to data sharing and potential harm.

The episode highlights practical examples of risk, including loyalty applications that collect extensive financial transaction data and the potential consequences if that data is exposed or misused. Debbie and Ross emphasize the importance of shifting toward harm-based approaches to privacy and ensuring that organizations understand the real-world impact of their data practices.

The conversation also explores emerging risks associated with agentic AI and autonomous systems, including scenarios where systems are granted excessive access and cause unintended damage or data loss. Organizations must implement governance, oversight, and clear controls to ensure that innovation in AI does not introduce unnecessary risk.

By popular demand, Debbie Reynolds Consulting is now offering executive briefings on emerging data privacy risks and how companies can avoid them. To learn more, visit the Executive briefings page on my website.

Support the show

Become an insider, join Data Diva Confidential for data strategy and data privacy insights delivered to your inbox.

💡 Receive expert briefings, practical guidance, and exclusive resources designed for leaders shaping the future of data and AI.

👉 Join here: http://bit.ly/3Jb8S5p

Debbie Reynolds Consulting, LLC

Send us Fan Mail

Terri Lewis, Founder of Planet Connected

In this episode of The Data Diva Talks Privacy, Debbie Reynolds, The Data Diva speaks with Terri Lewis, Founder of Planet Connected, about privacy, data governance, and risk in smart cities and connected infrastructure. Terri shares her background in digital strategy and her work supporting collaboration between cities and technology providers, emphasizing the importance of building trust and transparency into smart city initiatives.

The conversation explores how everyday systems such as water utilities, parking applications, and license plate readers collect and process personal data, often without individuals fully understanding the scope of that data collection. Debbie and Terri discuss how data from smart meters, for example, can reveal occupancy patterns and behavioral insights, and how location-based services and parking systems can introduce privacy risks through the collection of personal and financial information.

They examine the role of third-party vendors and the challenges organizations face in managing data across multiple providers, including concerns about overcollection, lack of transparency, and unclear data ownership. Real-world examples highlight how individuals may be required to provide more data than expected for routine activities, raising questions about proportionality and necessity.

The episode also explores broader IoT risks, including long device lifecycles, evolving capabilities through updates, and the increasing use of cameras and image-based technologies. Debbie and Terri discuss how advances in image recognition and facial recognition can enable identification of individuals in public spaces, creating new risks that existing legal frameworks may not fully address.

The discussion emphasizes that organizations must take a proactive approach to data governance, anticipating potential misuse, addressing unintended consequences, and aligning technology deployment with public expectations and trust. As cities continue to adopt connected technologies, leaders must ensure that innovation is balanced with strong privacy, security, and accountability practices.

By popular demand, Debbie Reynolds Consulting is now offering executive briefings on emerging data privacy risks and how companies can avoid them. To learn more, visit the Executive briefings page on my website.

Support the show

Become an insider, join Data Diva Confidential for data strategy and data privacy insights delivered to your inbox.

💡 Receive expert briefings, practical guidance, and exclusive resources designed for leaders shaping the future of data and AI.

👉 Join here: http://bit.ly/3Jb8S5p

Debbie Reynolds Consulting, LLC

Send us Fan Mail

Vibeke Specht, Co-founder of Peak Privacy and Author of “From GDPR Confusion to Privacy First Marketing”

In this episode of The Data Diva Talks Privacy, Debbie Reynolds, The Data Diva speaks with Vibeke Specht, Co-founder of Peak Privacy and author of “From GDPR Confusion to Privacy First Marketing,” about privacy, data governance, and the broader societal impact of data-driven marketing practices. Vibeke shares her background in journalism, political science, and marketing, explaining how her work evolved into a focus on privacy as she recognized the deeper implications of data collection, tracking, and profiling.

The conversation explores how GDPR is grounded in European history and fundamental rights, including protections against surveillance and misuse of personal data, and how this approach differs from more commercially driven data models often seen in the United States. Debbie and Vibeke discuss how marketing teams were among the first to confront the operational impact of GDPR, particularly through cookie regulations, consent requirements, and shifting expectations around transparency and accountability.

They examine the evolution of the ad tech ecosystem, including third-party cookies, large-scale tracking, and the role of dominant platforms in shaping how data is collected, shared, and monetized. The discussion highlights how complex and opaque data flows make it difficult for both organizations and individuals to fully understand how personal data is used, creating risk for companies and limiting meaningful user control.

The episode also explores how data practices influence behavior at scale, including the potential impact on democratic systems, decision-making, and public trust. Vibeke emphasizes the importance of moving beyond surface-level compliance and addressing the underlying structures that drive data collection and use, while organizations must balance innovation, competition, and responsible data practices in an increasingly complex regulatory environment.

By popular demand, Debbie Reynolds Consulting is now offering executive briefings on emerging data privacy risks and how companies can avoid them. To learn more, visit the Executive briefings page on my website.

Support the show

Become an insider, join Data Diva Confidential for data strategy and data privacy insights delivered to your inbox.

💡 Receive expert briefings, practical guidance, and exclusive resources designed for leaders shaping the future of data and AI.

👉 Join here: http://bit.ly/3Jb8S5p

Debbie Reynolds Consulting, LLC

Send us Fan Mail

Bradon Rogers, Chief Customer Officer, Island

In this episode of The Data Diva Talks Privacy, Debbie Reynolds, "The Data Diva," speaks with Bradon Rogers, Chief Customer Officer, Island, about how organizations are addressing complex enterprise challenges related to data governance, privacy, and control. Bradon explains how Island was designed to solve persistent issues that companies face, including limited visibility into user activity, fragmented tools, and the difficulty of managing sensitive data across cloud applications, remote work environments, and emerging technologies.
The conversation explores how organizations can move toward a more unified, practical approach to data management, where governance and privacy controls are embedded directly into how work is performed. Rather than relying on disconnected systems, Island enables companies to monitor and control how data is accessed and used in real time, helping to reduce risk while maintaining operational efficiency.

Debbie and Bradon also discuss how modern enterprises are rethinking data governance as a business-critical function rather than just a compliance requirement. They highlight how privacy considerations are becoming more integrated into enterprise workflows, and how organizations can better align their security, privacy, and data strategies to support both protection and productivity in increasingly complex digital environments.

This episode is sponsored by Island. We thank them for their support and for sharing insight into how organizations can better manage data governance and privacy in today’s enterprise landscape.

"You can learn more at island.io, where Island is rethinking how enterprises secure data, gain visibility, and manage privacy—without getting in the way of how people work."

By popular demand, Debbie Reynolds Consulting is now offering executive briefings on emerging data privacy risks and how companies can avoid them. To learn more, visit the Executive briefings page on my website.

Support the show

Become an insider, join Data Diva Confidential for data strategy and data privacy insights delivered to your inbox.

💡 Receive expert briefings, practical guidance, and exclusive resources designed for leaders shaping the future of data and AI.

👉 Join here: http://bit.ly/3Jb8S5p

Debbie Reynolds Consulting, LLC

Send us Fan Mail

In this episode of The Data Diva Talks Privacy, Debbie Reynolds, "The Data Diva," speaks with Michael Simon, Founder, Law+Data, LLC, about the intersection of privacy, data governance, and the real-world consequences of how data and technology are used today. The conversation moves beyond theory to examine how emerging technologies are already impacting individuals, organizations, and legal frameworks.

Debbie and Michael explore recent events that highlight the growing risks associated with technology and data use, including a widely discussed incident in which a driver claimed a Tesla vehicle malfunction led to a crash, and another case involving a woman arrested for using AI-driven identification. These examples illustrate how reliance on automated systems, data interpretation, and emerging technologies can raise serious legal, privacy, and due-process concerns.

The discussion examines how organizations and legal professionals must think more critically about data accuracy, accountability, and the assumptions built into technological systems. Michael provides insight into how legal frameworks struggle to keep pace with technological advancements and how misapplied or misunderstood data can lead to significant consequences for individuals.

Debbie Reynolds, the Data Diva, and Michael also address the broader implications for businesses, including the importance of implementing strong data governance practices, ensuring transparency in how data is used, and understanding the legal exposure that can arise when decisions are driven by automated or data-dependent systems. The episode emphasizes that data governance and privacy are not abstract concepts but essential safeguards that directly affect real people and real outcomes.

This conversation offers a grounded, practical perspective on how current events are shaping the future of privacy, law, and data responsibility, and why organizations must take a more deliberate, informed approach to managing data in an increasingly complex environment.

By popular demand, Debbie Reynolds Consulting is now offering executive briefings on emerging data privacy risks and how companies can avoid them. To learn more, visit the Executive briefings page on my website.

Support the show

Become an insider, join Data Diva Confidential for data strategy and data privacy insights delivered to your inbox.

💡 Receive expert briefings, practical guidance, and exclusive resources designed for leaders shaping the future of data and AI.

👉 Join here: http://bit.ly/3Jb8S5p

Debbie Reynolds Consulting, LLC