Episodios

  • AI in Recruitment: Navigating GDPR Compliance and Challenges

    AI in Recruitment: Navigating GDPR Compliance and Challenges
    Apr 10 2025
    Tom Fox and Jonathan Armstrong, renowned expert in cyber security, co-host the award-winning Life with GDPR. In this episode, we explore the complex intersection of AI and recruitment, focusing on compliance challenges under GDPR and potential risks. Armstrong highlights that AI is often more prevalent in recruitment processes than many compliance officers realize, often through third-party vendors. He discusses the regulatory landscape in the UK and EU, sharing insights on recent cases related to automated decision-making and the transparency required for such systems. Armstrong offers a seven-point plan for organizations that use or are considering using AI in recruitment, covering provider selection, due diligence, transparency obligations, and mechanisms for handling data subject requests. The conversation underscores the need for proactive engagement between data protection officers, compliance teams, and recruiters to ensure that AI tools are used responsibly and transparently. Key Takeaways · AI in Recruitment: An Overview · Legal and Ethical Concerns · Transparency and Fairness in AI Decisions · Practical Steps for Companies · Future of AI in Recruitment Resources Connect with Tom Fox ● LinkedIn Connect with Jonathan Armstrong ● Twitter ● LinkedIn ● PunterSouthall Life with GDPR was recently honored as a Top Data Security Podcast Learn more about your ad choices. Visit megaphone.fm/adchoices
    Más Menos
    17 m
  • Cookie Compliance

    Cookie Compliance
    Mar 27 2025
    Tom Fox and Jonathan Armstrong, renowned experts in cyber security, co-host the award-winning Life with GDPR. In this episode, they discuss Cookie Compliance Under GDPR. Their discussion highlights the increasing enforcement actions surrounding website cookies, emphasizing that this is a data protection issue and a broader compliance challenge. Specific case studies, such as the Dutch regulator’s fine against Pool Blue and fines in other EU countries, illustrate the significant financial penalties companies can face for non-compliance. Jonathan outlines an eight-point plan to help organizations ensure their cookie practices are current, including regular checks, proper configuration of cookie banners, and transparency about data retention periods. The episode also touches on the role of third-party cookies, potential litigation, and regulatory actions. Compliance with cookie regulations is becoming increasingly important, with groups like NOYB driving many complaints and regulatory bodies across Europe ramping up enforcement efforts. Listeners are encouraged to assess their cookie practices and make necessary adjustments to avoid fines and maintain compliance. Key takeaways: The Rise of Cookie Enforcement Global Fines and Consequences Practical Compliance Tips Challenges with Cookie Banners Understanding Your Own Cookies Guidelines for Cookie Retention Resources: Connect with Tom Fox LinkedIn Connect with Jonathan Armstrong Twitter LinkedIn PunterSouthall Life with GDPR was recently honored as a Top Data Security Podcast. Learn more about your ad choices. Visit megaphone.fm/adchoices
    Más Menos
    18 m
  • Navigating CCO and CISO Liability Trends

    Navigating CCO and CISO Liability Trends
    Feb 6 2025
    Tom Fox and Jonathan Armstrong, renowned experts in cyber security, co-host the award-winning Life with GDPR. This episode discusses the complex topic of liability for the Chief Compliance Officer (CCO) and Chief Information Security Officer (CISO). Tom and Jonathan begin by examining notable cases like Joe Sullivan, the former CISO at Uber, who faced prosecution for mishandling a ransomware threat. They also cover other significant cases like Carlos Abarca from TSB Bank and Tim Brown from SolarWinds, highlighting the increasing trend towards personal liability among high-ranking compliance and security officers. Jonathan points out that prosecutors and legislators focus more on individual accountability, driven by the belief that this approach will encourage others to adhere to standards more rigorously. They explore the implications of misleading LinkedIn profiles and the importance of thorough due diligence when taking on new roles. The episode provides practical advice for C-suite executives to protect themselves, including negotiating indemnity clauses and ensuring accurate job descriptions. Key takeaways: Chief Compliance Officer Liability Overview Case Studies: Joe Sullivan and Uber, Carlos Barker and TSB Bank and Tim Brown and SolarWinds Legislation and Trends in Personal Liability SEC Formula for CCO Liability Resources: Connect with Tom Fox LinkedIn Connect with Jonathan Armstrong Twitter LinkedIn PunterSouthall Life with GDPR was recently honored as a Top Data Security Podcast Learn more about your ad choices. Visit megaphone.fm/adchoices
    Más Menos
    24 m
  • Navigating the EU AI Act

    Navigating the EU AI Act
    Jan 9 2025
    Tom Fox and Jonathan Armstrong, renowned expert in cyber security, co-host the award-winning Life with GDPR. In this episode, they discuss a pressing deadline for compliance officers: the February 2nd enforcement of the EU AI Act’s prohibitions on unacceptable AI risk. Tom and Jonathan look at the phased implementation of this complex legislation, detailing the obligations of businesses using AI in their EU operations. Jonathan emphasizes the importance of identifying ‘shadow AI’ within organizations, from HR recruitment tools to consumer applications, and the substantial penalties for non-compliance, which can reach up to $35 million or 7% of global annual revenue. They also cover a practical five-step plan to help companies move towards compliance, involving board awareness, an AI inventory, assessment of AI tools, contract reviews, and transparency measures. Tune in to understand the nuances of this legislation and how to prepare your organization before the rapidly approaching deadline. Key takeaways: Understanding the EU AI Act Prohibited AI Applications Corporate and Personal Liability Steps to Compliance Resources: Connect with Tom Fox LinkedIn Connect with Jonathan Armstrong Twitter LinkedIn PunterSouthall Learn more about your ad choices. Visit megaphone.fm/adchoices
    Más Menos
    30 m
  • Understanding the UK’s Failure to Prevent Fraud

    Understanding the UK’s Failure to Prevent Fraud
    Nov 21 2024
    Tom Fox and Jonathan Armstrong, renowned expert in cyber security, co-host the award-winning Life with GDPR. This episode delves into the UK’s Failure to Prevent Fraud guidance. The podcast spans the initial implications and conflicts these new provisions present, especially in the context of GDPR and compliance with bribery investigations. Jonathan explains the concept of ‘failure to prevent fraud,’ drawing parallels with the 2010 UK Bribery Act, and outlines six key principles organizations must adhere to to demonstrate compliance. Additionally, the episode delves into specific steps compliance professionals should take before the new provisions come into force by July 2025, including gap analysis, policy updating, training, and more. Key takeaways: Failure to Prevent Bribery and Fraud New Legislation and Its Implications Reasonable Procedures Under the Failure to Prevent Fraud Act Comparing Fraud and Bribery Compliance Steps for Compliance Professionals Resources: Connect with Tom Fox LinkedIn Connect with Jonathan Armstrong Twitter LinkedIn PunterSouthall Learn more about your ad choices. Visit megaphone.fm/adchoices
    Más Menos
    21 m
  • AI Regulation in The EU

    AI Regulation in The EU
    Aug 15 2024
    Tom Fox and Jonathan Armstrong, renowned expert in cyber security, co-host the award-winning Life with GDPR. In this episode, we delve into the complex provisions of the new EU AI Act, exploring its global effects and extraterritorial implications similar to the GDPR. Tom, Jonathan and a few friends discuss the multifaceted regulatory framework, which combines elements from EU antitrust law, GDPR, and EU medical device rules, and highlight the need for transparency and compliance for AI developers and corporations using AI. We also address enforcement timelines, the importance of an AI inventory, and practical steps for compliance officers to ensure adherence to the new regulations. Key Takeaways: Overview of the EU AI Act Enforcement and Compliance Corporate Responsibilities and Compliance Strategies Enforcement Mechanisms and Penalties Practical Steps for Organizations Challenges and Governance Resources: Connect with Tom Fox Instagram Facebook YouTube Twitter LinkedIn Connect with Jonathan Armstrong Twitter LinkedIn Learn more about your ad choices. Visit megaphone.fm/adchoices
    Más Menos
    35 m
  • What Does The UK Election Mean for Compliance?

    What Does The UK Election Mean for Compliance?
    Jul 11 2024
    Tom Fox and Jonathan Armstrong, a renowned expert in cybersecurity, co-host the award-winning “Life with GDPR.” Jonathan has returned from his hiatus, and in this episode, we examine the UK election results and their potential impact on compliance. The recent UK election has significant implications for compliance, particularly concerning the dynamics between the UK’s Serious Fraud Office (SFO) and the new government. Jonathan Armstrong, an expert on bribery enforcement, anticipates that the new administration under Keir Starmer will focus on high-profile issues like the PPE scandal while maintaining robust enforcement actions, including dawn raids. Armstrong and Fox bring deep insights into the potential compliance landscape, shaped by their extensive backgrounds: Armstrong’s expertise in corruption investigations and Fox’s experience with the criminal justice system. Fox highlights the impact of the new Prime Minister’s legal background in bolstering enforcement efforts and contemplates the future governance of AI under this administration. Both experts foresee a political shift, with Armstrong expecting the Conservative Party to lean rightward yet occupy the political center, and Fox emphasizing the continuity and experience the new government brings to compliance and enforcement issues. Key Takeaways: Heightened Bribery Enforcement Under New Government Russian Sanctions and Uighur Import Regulations Data Protection Bill Changes Post-UK Election UK’s New Administration Faces Challenges and Changes Center-Ground Positioning in UK Politics Resources: Connect with Tom Fox Instagram Facebook YouTube Twitter LinkedIn Connect with Jonathan Armstrong Twitter LinkedIn Learn more about your ad choices. Visit megaphone.fm/adchoices
    Más Menos
    36 m
  • Karen Moore on The EU, Corporate Sustainability Due Diligence Directive

    Karen Moore on The EU, Corporate Sustainability Due Diligence Directive
    Apr 18 2024
    Tom Fox and Jonathan Armstrong, renowned expert in cyber security, co-host the award-winning Life with GDPR. Jonathan is on a short hiatus and in this episode, we have a special guest, Karen Moore who discusses the EU’s Corporate Sustainability-Due Diligence Directive. Karen Moore is a well-versed professional in the area of impact assessments and due diligence, with a particular focus on human rights and environmental issues to prevent and address potential harm. Her perspective, shaped by her extensive experience, is that impact assessments and due diligence are key indicators of a corporation’s commitment to preserving the environment and upholding human rights. Moore emphasizes the importance of these processes not only within a company’s own activities, but also within those of its suppliers and indirect suppliers. She stresses the need for a robust due diligence process, including tracking progress, publishing annual statements, implementing complaints procedures, and involving all employees. Additionally, she highlights the challenges of managing these processes, such as complex questionnaires for third-party suppliers and the need for streamlined assessments. She believes in a proactive approach to corporate responsibility, going beyond regulatory requirements to foster sustainable practices and ethical decision-making. Key Takeaways: Ethical and Sustainable Business Practices Compliance Guidelines Ethical Evaluation for Data Privacy Compliance in the US Ethical Data Handling for GDPR Compliance Ethical Business Practices in Supply Chains Resources: Connect with Tom Fox Instagram Facebook YouTube Twitter LinkedIn Connect with Jonathan Armstrong Twitter LinkedIn Connect with Karen Moore LinkedIn Learn more about your ad choices. Visit megaphone.fm/adchoices
    Más Menos
    21 m
adbl_web_global_use_to_activate_webcro768_stickypopup