E1 - Jeff Salling of Novartis

Copy of Copy of Copy of TheFixLogo.gif

The Data Diva Episode 1 - Jeff Salling of Novartis & Debbie Reynolds

 41:34

SUMMARY KEYWORDS

privacy, people, privacy shield, Debbie, redaction, counsels, data, Switzerland, invalidated, redact, EU, safe harbor, company, Schrems

SPEAKERS

Debbie Reynolds, Jeff Salling

 

Debbie Reynolds  00:01

Hello, this is Debbie Reynolds with "The Data Diva Talks Podcast," where we discuss Data Privacy issues with industry leaders around the world with insights that businesses need to know now. I am so delighted to have a very stellar professional and a dear friend of mine, Jeff Salling, on this show, Jeff, and please say hello to my audience.

 

Jeff Salling  00:26

Hi, audience. We're very honored to be here with Debbie or, as she's known in my house, Aunt Debbie.

 

Debbie Reynolds  00:33

Exactly, exactly. I was so excited. You just don't know. Like, last night, I was like Christmas a year. I couldn't wait to talk to you today, especially because of the pandemic. You know, you and I, we've touched base, obviously, over the months, but we haven't had a chance to talk as much as we typically do. I think over the years, we've probably talked hundreds of hours about data and technology and stuff like that. So it's nice and fun for us to be able to geek out today together on this podcast and talk about all the wacky things are happening in Data Technology and Data Privacy and what's happening in your world. So, Jeff, you're the global director of E-discovery for Novartis, correct? Is that the right title?

 

Jeff Salling  01:19

That's correct. Today, that's what they call me.

 

Debbie Reynolds  01:22

You're head honcho? You know, I, you and I met in Chicago, actually contacted me many years ago on LinkedIn. And you and I both had in common. We were working in the E-discovery field, and we both did adjunct professor work. So you were an adjunct at I was at, let's say, Cleveland, Marshall, we did at Cleveland. Yeah.

 

01:48

John Marshall,

 

Debbie Reynolds  01:49

John Marshall, John Marshall, law school,

 

Jeff Salling  01:52

if it has Marshall in it, they include me; otherwise, I'm not invited.

 

Debbie Reynolds  01:56

Exactly. Exactly. So actually, you asked me to guest speak in your class a couple of times. So I'm actually probably one of some of the first we recorded then or did have any educational things I've done with you.

 

Jeff Salling  02:08

Those are still going strong as of this summer. Oh, good. Students still know about Debbie. Debbie Reynolds is still there.

 

Debbie Reynolds  02:16

Perhaps the stuff we were talking about is evergreen. And that way, I don't know, maybe that's a sad commentary. I don't know. Things definitely don't change that much. But you, I think you have a very unique point of view. Because of course, you're American, but you lived over in Europe. Your job at Novartis, especially I think pharmaceutical companies, you all touch almost any regulation on earth that I can think of. So it's you know, you have issues with customers, you're working with people in different countries, you know, all this, all those things are swirling around with the changes, and regulations around the world definitely impact you. And I think people sort of don't understand that a lot of people like us who have been dealing with E-discovery, and multinational corporations, we've been dealing with privacy for decades. So it's just been a part of our work, and then once the GDPR once the fine thing when the GDPR came out, and all of a sudden people like, Oh, my God, privacy is a thing. So we ere like"What, what?" it was just, it was just like a line item on your job description before now. It's like a huge, you know, individual thing. But what are your thoughts about that?

 

Jeff Salling  03:31

Yeah, well, I remember, when I got the offer to go to Switzerland, obviously, you being one of the people I talked to. And what we talked about was where Switzerland isn't part of the EU, obviously, we're surrounded by the EU. And that to move there right before GDPR went into effect would be such a great way to kind of hone those skills around privacy and learn a lot more. We're very lucky that we have a huge Data Privacy team. So I often have people who know a lot about it that I can go to obviously, I also have friends like yourself, who when I have questions and things that I don't know the answer to when it comes to privacy. But even going back to your comments around our discussion being evergreen, I think part of the reason why a discussion you and I could have on Data Privacy four years ago still being relevant today is because we were forward thinkers. We weren't caught off guard. It's amazing how often now, I guess in one regard, I do hear counsels talk about privacy. Because I think you know, as you know, even three and four years ago, we were the ones bringing it up, like Hey, remember though, we can't just put those emails on a hard drive and ship it over here. You know, why not? Well, because we're gonna violate privacy laws. If we do that, or potentially violate privacy laws, on the other end of that spectrum, there are still a lot of conversations that we have with outside councils are like, Well, I mean, it's just gonna cause a huge problem. If we put redactions on those documents, like we already know, the other side is going to complain. So like, let's just not do it here. Like, all right, if you're wanting to put yourself on the hook for 4% of our global revenue, then maybe we'll make that decision. But even that alone, we wouldn't do it because of the reputational harm. And I think sometimes that aspect gets overlooked that at least our counsels who are on top of it are, you know, they're the ones saying, well, it's 4%. Like, there's no way you should ever take this risk, you know, it's 4%. So we need to do this. But I think 4% would be relevant, but not as relevant as the reputational harm, we don't want to be that pharma company who's violating Data Privacy. So that means we spend an awful lot of money to draw little boxes or today, and in some cases, have computers draw little boxes, to make sure that we're compliant.

 

Debbie Reynolds  06:15

Yeah. And actually, you know, what I like to say to lawyers, I say, you know, you can't break laws to make laws. So your case, a lot of times people aren't thinking about the issues of their case, they're thinking with sort of blinders on. But if you're trampling on the rights of individuals, you're still, you know, you're gonna end up worse off than you were before if you're not following those things. So just opening up people's lives in that company having that conversation. And like you were saying, we've had these conversations thousands of times over decades about this stuff. I was talking to a girl the other day about blacking statues, and I'm, like, black mustaches have been around for decades. Like this is so so not a new thing. So a lot of things that people are kind of up in arms about, especially, you know, respecting the rights of individuals, not new, not a new thing.

 

Jeff Salling  07:13

No, it's not. But it's also I think that puts us sometimes in a difficult position because we have spoken about it thousands of times. So it's in a lot of cases if we didn't have good handbooks and playbooks and documentation, I probably wouldn't ask about it. Because for me, I would just take it for granted like, well, we have custodians, in Germany, in Italy. And in Switzerland, we're not going to just throw that information on our hard drive and ship it back. But I know we'd have counsels who that would be their solution. And I think you make a very good point of getting outside of the blinders because I think I see it still in two regards—big Picture wise and small picture. And I think big picture-wise just for the company. Like I can't put the company at risk for my one small matter. Or even for my one big matter, I have to think about what's good for the enterprise. But I even see it on the matter to say, as you said, like, you're trampling individual rights and fundamental rights in many of these countries. And I see it in a counsel who really can't grapple with, well, in the US, we don't really care. We produce whatever. So let's just do that here. And, you know, that's what you're trained, you're schooling. Apparently, most of the matters that you've worked on already didn't have this international component. But when it does, you need to, I guess, take those blinders off and realize that in other places, and one's not better than the other one's just easier and cheaper than the other. Right. But that doesn't make it necessarily better for the people.

 

Debbie Reynolds  09:02

Yeah, I want to talk to you a bit about this. I think you may have a good perspective of this, again, because you live in Europe, and you're working with a multinational company, they have all these privacy concerns. I hear people sometimes talk about kind of an American view of privacy, not necessarily just in the US, just in regards to the US laws, but I don't know maybe that means like a more of a cowboy attitude about things. I don't know. I wanted to know if you had any thoughts about that. I hear a lot of my European counterpart parts mention that at times. I want your perspective on that.

 

Jeff Salling  09:40

Yeah. Most recently, we're on a call where the distinction was made. And I guess I'd say having lived abroad, it's well you just don't care in the US about privacy. It's like, well, we care less, but we do care. And there's specific things you care a lot about, you know, you your social security number definitely credit card numbers. But there's some things, and I guess in the US, it's, it varies a lot more. And next us in Switzerland, if you can just even culturally, view, it's a different atmosphere, it's a much more private atmosphere. And again, it doesn't make it any better or worse, it just makes it different and making sure that you respect that right. And then, in our role is more importantly, that you understand it, right. Because if you are, you know, asking certain questions, if you are especially even just having discussions, something really simple, like a legal hold, I remember the first time I said a legal hold out to people in, in Germany, like the questions I got back like, Am I in trouble? Am I being in debt? And like, No, no, I was just like, this was my way of letting you know that there's something going on and like your name might just be in an org chart somewhere, you might not, we're just taking our kind of first cut and making sure we get this out timely. You know you don't always have time to do these in-depth custodian interviews before we can get a hold out. But the reaction I got was like this worry of I did something wrong. I'm in trouble. I'm being investigated. When realistically, we're probably not even going to collect from that person. As the matter progresses. It's just we're making sure we're doing our due diligence and including the right people. So it's, there's a personal attachment there that we don't regularly see in the US.

 

Debbie Reynolds  11:49

Yeah, I think, I guess the way I would describe it is people in Europe feel about privacy, like people in the US feel about freedom of speech. I think that's probably about as equivalent as I can get it. You know, where we're at, I think about the privacy thing in the US is more about people not understanding. So I don't know the last time you read the Constitution, but people think there are magical things in there that are in there. And it's not that long. So highly recommend people read the Constitution and figure out that privacy isn't in there, really.

 

Jeff Salling  12:26

I think we could make this a 12-hour podcast if we talked about what people think is in the Constitution. That is the Constitution. But I know that that's not a direction you would want me to go in on this particular conversation. So I'll drink from my Disney Paris mug on that front.

 

12:48

I love it.

 

Debbie Reynolds  12:48

I love it. I love to talk about the Privacy Shield and validation. Now we've been watching these Schrems cases play out for years, and I was one before this case came up. Probably three people in the world, I can think that we're even talking about it. And I'm like, Hey, this is like a huge thing. There's probably going to get invalidated. I'm not sure why I wasn't invalidated before. But, was this a surprise to you when the privacy issue again validated?

 

Jeff Salling  13:23

No. It wasn't. But I guess it's because of our conversations. Yeah, like, well, this has to happen next. Yeah. And you bring up another good point. Because one of the things that I remember when I did move to Switzerland, and I'm thinking like, you know, I got to get my GDPR hat on, we're getting GDPR. Ready. I've got, I think, five months until GDPR hits. And I remember one of the first things I asked one of our litigators to say, you know, what do we need to say? I mean, we've been doing this for a long time, I'm like, but in the US like this seems like this, like, Well, we've cared about individual rights long before someone told us to, and was gonna penalize us. So we're all set. Like, yes, there will be things to update and change. There always will be. But as I got there, I realized, oh, man, I you know this, they're ready. Oh, yeah. And I felt the same with the invalidation of the Privacy Shield. I thought, like, we're ready for this because we understand it. And we didn't rely on some of these mechanisms that allowed for data transfers and things like that, because I want to say it just in some ways it added to the administrative burden. I am sending it to do they have this, and then also, knowing this will be invalidated at some point, not knowing the timing and what that would have been but did we want to build a best practice around something we knew would be invalidated? And the answer was no.

 

Debbie Reynolds  15:01

Yeah, and actually, so when Safe Harbor that was a shock, though, so when the Safe Harbor got invalidated, because they had been in play for what, 15 years at that point, that was shocking. So I don't think anybody thought that Max Schrems case was gonna come gonna, you know, have that impact. But when it did, less than half of the people who were part of Safe Harbor signed up for the Privacy Shield, so at least 50% of those people thought, Well, let me find some other alternate way. So the people who it was invalidated with this time, they're kind of in a pickle in some regard because the US is requiring those companies to sort of stay compliant with the Privacy Shield, even though it's been invalidated. I guess there's some level of talks happening between the US and the EU about this. But I feel like what happened was because people were shocked about the Safe Harbor being invalidated. And they wanted to put something in place, they sort of hurriedly put together the Privacy Shield framework, which wasn't that different, in my opinion, from the Safe Harbor, really, you know, they added a couple of things, but it wasn't significantly different. But I think the reason why they did that was to try to keep the lines of communication open. And remember, this happened in 2016. So as the new administration was coming aboard, they wanted to see how much they would want to have more dialogue and communication and understanding between, you know, the EU and the US, and apparently, that did not happen. So, I think that they use these Schrems cases as an opportunity to say, Hey, we don't like the way that this is going on, let me take my ball and go home, basically. Well,

 

Jeff Salling  16:46

yeah, I think it was a missed opportunity

 

Debbie Reynolds  16:49

Oh, it's a huge missed opportunity.

 

Jeff Salling  16:51

What it kind of reminded me of is, you and I are working 430 hits, and our boss says, Hey, did you have that Privacy Shield by five? And we're like, oh, Debbie, did you do it? You didn't do it either. All right, well, in 30 minutes, let's just tweak what we had and submit that. And they had the opportunity for some very bright privacy minds that could have put something together. And I don't know what it got to the level where it would have been a long term solution. Because I think for that to happen, there would have needed to be significant changes. But I think we could have withstood. What did we get? Four years, three years, four years, then

 

Debbie Reynolds  17:33

It wasn't quite four, a couple years.

 

Jeff Salling  17:36

Could have got a little bit more far. Yeah. And I know the Swiss Privacy Shield was right behind this Privacy Shield. Both ways in moving on, and then also being, you know, turned away now, but it's just it was a big missed opportunity. But it did make it very easy on companies and those few speakers, they didn't need to make that bigger changes, you know, as someone that you can contact a few other small things, and they were able to turn it around. And I think those of us who read it right and understood it knew this wouldn't last long because you didn't address the concerns. You address, you know, 2 of 52.

 

Debbie Reynolds  18:18

Right, exactly. And then too, I think the Cloud Act coming in 2018 created is also creating another problem with the Privacy Shield and that now you're saying the courts have this extraterritorial reach, you know, the US companies in different countries to be able to take data, regardless because of surveillance. And as you know, that's the big issue. And it has been. I mean, even when the Privacy Shield was was wasn't active, I'm like, this is like the major issue that we hit. This is the reason why the Safe Harbor was invalidated. So not addressing that issue with the Privacy Shield, I saw as a problem. But then the Cloud Act, which was supposed to be a way to get companies out of the hot seat where they're saying, like, Look, we'll give you the data, but they have to work with the country to try to work out these deals. So now because of that, I think that's gonna make any future Privacy Shield 3.0 like even that what's more difficult to do?

 

Jeff Salling  19:26

Yeah, I agree. We've had a few matters that we go through the Hague Convention. And those steps and I think, ideally, what I hope to see is that we more regularly get into tiered discovery. And this is I've been a huge proponent of that since I've been in this role, that if we have for easy math, we'll just say 100, custodians and 50 are in the EU or in Switzerland, and 50 are in the US. Let's start with smaller amounts. And let's have real discussions. And I know it's always gonna be tricky because we're adversaries. But what we've seen is our sophisticated adversaries, they're on board with it, you know, because they also why would they want to review a bunch of garbage that comes out or a lot of redacted documents and things like that. The bigger challenge today, and this is probably the topic I focus on the most in my class, is that discovery and privacy have now taken in some matters priority over the merits of the case. Like you don't get to the merits anymore, because and I won't even say because there's discovery violations, it's because one party has made the appearance of discovery violations, whether they're appropriate or not. One side has argued so vehemently against what the other side's doing or what they're disclosing. And that I can say is, it's a bit frustrating. Because those of us who've been doing it for a while, we could do better at making those arguments. Oh, yeah. But I feel like it's somewhat against our morals and ethics, that if someone doesn't have a true violation, I wouldn't want to make that argument. I don't think it's appropriate to make that argument. Yet on a regular basis. Now, we get questioned on some of the most ridiculous things. And again, you know, thinking how forward-thinking we are, we have people who complain about email threading, who complain about deduplication.

 

Debbie Reynolds  21:43

Yeah,

 

Jeff Salling  21:44

I recently had someone tell me that that's the suppression of evidence. Oh, my goodness. And just kind of pause. Like, that was a real comment. Okay, we'll continue, then I just waiting for a laugh or the next punch line. And it's, it's amazing. Yeah. Cause I think like, Well, actually, we decided this, like, ten years ago, can we at least talk about something that's from the last five, like, at least complained about Tar. That at least people complained about five years ago. And then we have even governments now, which is where I'd say I'm most surprised by some parties when I see the government being substantially more sophisticated than some parties when it comes to ESI protocols. When it comes to privacy, yes. And like, you just need to educate us sometimes on what you need to take out of a document, if it's coming from Switzerland, what Swiss rules are, we'll grab some local Swiss counsel, who are excellent to say here are our requirements, this is what we need. If you don't like this, you can go through the Hague, and that's an avenue that's open, it's going to take longer, or we need to comply with this. And, you know, and I always think it's interesting when we get arguments to that, because our opinion is always, like, we're paying more to do this. We don't want to do that we would like to give you more, you want more, we want to give you more, but we can't violate people's rights to do that.

 

Debbie Reynolds  23:15

Exactly, exactly. I don't know, I feel like some people are like, you know, I didn't learn this in law school. So I'm, you know, my defense is gonna be to argue about it, instead of really learn like, this is totally new and different is not something you probably learned in law school, and maybe, you know, especially for cases that have sort of US and other like, say US and European data. For me, I've always handled those separately, like a parallel track, but separate workflow and everything because it gets too complicated. You know, where in the US we're used to, you know, the Hoover vacuum coming in, just suck up everything and throw it into a hopper. You know, everything in Europe is not accustomed to collecting that much data. So you're gonna have less data anyway, in my opinion, and then you need to be more careful with how you're handling it. I would love to talk about redactions, your favorite topic, I'm sure. So in the GDPR, when they talk about, you know, creating pseudonyms and then making things anonymous. For industries that haven't done any action, okay, so people say okay, we'll just, you know, make it anonymous or whatever. And maybe they think they're putting a piece of tape on a piece of paper and listening over, and we know it's not that magical. I want to talk with you about your feeling about redaction, especially for people because a lot of people who are elicits podcasts aren't necessarily ediscovery. But because we're all working on data, we all have the same challenges when we work for a multinational company, so give me a little flavor of what people can expect and why they, why redaction or creating pseudonyms or creating anonymous documents or it's not as easy as it sounds.

 

Jeff Salling  24:58

Great point. The first thing I'll say on redactions is know how to do it. I have one of the President's trusted advisors, he produced some documents to spec 17, in PDF form with redactions that weren't actually burned into the document. So many of us who saw this, we were able to take the document and see what was underneath it. I believe it was actually the same thing happened in the Wells Fargo case from a few years back where they had the big disclosure of their 10,000 biggest clients portfolios, you have to know how to do it, you have to work with people who know how to do it. And that's where the tools you're using definitely come into play. If you're, if you're drawing the boxes on TIFF images, you know, that process is kind of tried and trued, it's been around for a very long time that that's gonna work. If you're using some of the native redaction tools, you need the right workflow to make sure when the production happens, you actually produce the redaction on the native document, you don't produce the earlier version pre redaction that's kept in the background or the TIFF image that you ended up not redacting because you did the native document, but you already at TIFF documents. So there are things like that that can just be workflow nightmares, right. And then another really important piece for redaction that I think sometimes gets missed. And I know that we recently had a conversation with this is, well, can't you just ask the custodian to waive their rights? And I said, Well, first of all, you can ask, you can seek consent. In some places, there are some jurisdictions that say pretty much from your employer, you can't give free consent. But if we take that aside, and we say that you know, we'll take consent, you can consent to your privacy rights. So if Debbie and I are living in the EU, and we're emailing back and forth, and I can waive my rights, but if we're emailing back, and we're sharing pictures of friends and family, and we're talking about private things, Debbie's rights are also in my email, and I can't waive her rights, I can't say that she's fine with it, too. Whether she is or not, I don't have that power. So to actually not just go to a custodian, but go to every single person that might have private information in their email account. It's not really feasible, right? Especially on a larger matter. So it's understanding what needs to come out of those documents. What you really want to include, because maybe I'm the person who's the subject of this investigation. So if my information was not redacted, it would be a huge benefit. And Debbie, being a much better behaving employee, a much more wholesome individual, she's not doing anything wrong. So they're not looking to investigate the thing that she's saying that might be, I guess, a middle ground. I hope to see the technology here get a lot better. I think it already has, you know, this first wave of kind of privacy identification, and then this next wave of building the redactions around these co-ordinances of these tools. Ideally, at least it gets us even if it was half the way there, even 25% of the way there. Yeah, that would just be a tremendous benefit for us to be able to process auto redact out the portion and always are going to need people when it comes to something this serious, we're likely going to need human eyes on there for a little bit longer anyway, right? Yeah, I'm one of those people that thinks the computers are already beating us at chess at driving, we're not gonna be long before it's gonna be able to find Privacy Information a little bit better than us.

 

Debbie Reynolds  28:59

Exactly, exactly. So how do you feel? Or is it at all? In your opinion? How has How is COVID-19 impacting privacy in your work or life? Or what are your thoughts about that?

 

Jeff Salling  29:16

I think COVID has potentially impacted privacy quite a bit. Even recording like this, if my little man comes running into the room, which for some reason, this door doesn't latch, so people regularly come running into this room. You know, now he's in the video. He's being recorded, right? Do I want my four-year-old or my 17-year-old to come in? And I actually thought my 17 year old would come in because she knew I was talking to Debbie. I think the only reason she's not is because she's laying down for nap break during lunch because napping is more important than eating these days. That's right, um, but any other time of the day, she would have skipped school to come say hi, for sure she would run in have popped in.

 

30:05

I miss you.

 

Jeff Salling  30:08

I gotta go, though, because I'm in class right now. Um, do I want that out there? Right? Do I want their images saved now in a database that Zoom holds and potentially that you hold? But what can I do about it if I don't like it? And even from a conversational standpoint, you know, I, I made the joke earlier that Hunter, my four-year-old, is probably broken attorney-client privilege over ten times since we've been home. Because I always wear a headset, even though I'm in the office by myself, just because I don't want other people to hear what's going on. And in this household, they don't want to hear what's going on either two lawyers for you're going to talk about discovery at dinner again, could you be more boring people. But that aspect, and then it's also just material. You know, we had a lot of policies in place, not just from a global privacy standpoint, but even from a personal standpoint. You know, and, you know, us trying to go to digital, I think it's pushed us there a little bit quicker, whether it's for signatures, whether it's with contract review, document review, outside of the wonderful world of E-discovery, right that, you know, we're not supposed to be able to print from home, right? You print at work, and you keep things at work. And now, well, this is work, the home office, but right, our machines didn't even allow us to connect other printers and now right, and I guess similarly, around USBs, we dis activated those. So I'd say we've highlighted a lot of efficiencies around discovery and privacy. And I think one thing that we're highlighting around that that combination is how we move data. Because we've had people who have had to go on-site, I think, right in March, one of the first collections we needed to do was in Italy. Mm-hmm. It's like, no one's there. How do you get this done? Like, why do we have anything that needs to be done on-site? Like that's a dated approach. So how can we move data in a privacy-compliant way via the cloud? Via just more efficient means? And I'd say that's one big, big change we've made, is being able to move our data and then understanding where it goes, because that doesn't mean well if I can move it now from anywhere, we're just gonna ship it all to the US because that's where, no, it's still gonna stay where it needs to stay. Right, until those wonderful redactions are put into place. Exactly. But that part has been, it's been really interesting. And then I also think that is going to lead to a whole lot more people are going to focus on the technology to bring these tools that we want to place, right. And that's gonna allow us probably to minimize, you know, instead of three years, it's going to be a year from now, or a year and a half, because people are focusing on innovating so much more.

 

Debbie Reynolds  33:33

I agree. I agree. So what is your dream? Okay, so if it was the world, according to Jeff and Jeff could decide what needs to happen with privacy. What would you What would your wish be in privacy over the world,

 

Jeff Salling  33:50

besides us being neighbors, so you can watch the kids go out? Go on a date for once in my life when I'm allowed to leave the house again? Come over for dinner?

 

Debbie Reynolds  33:59

Exactly, exactly.

 

Jeff Salling  34:01

my privacy dream, I would say more unification. The US is it's starting to scare me. Yeah. If we end up having 50 different regimes of privacy. That's, I mean, that's a terrifying thought for us to have to look at. Well, Jeff works in New Jersey, but he lives in Pennsylvania, but he's actually in Michigan right now. What wins the day? Yeah, that's, and I guess, to some extent, where we were in Switzerland. It was true. Because, as you know, from visiting, we're right on the German French-Swiss border. Right. So we have people in each place, but at least we had a great process in place for that. In the US. We don't yet. So it's unification. I don't know. I feel like a Federal privacy law. As much as I read about it, it's not gonna happen. I don't see how it doesn't. But I also think that It just might be me selfishly wanting one clear answer. So I don't need 50 answers,

 

Debbie Reynolds  35:05

Right?

 

Jeff Salling  35:05

Or at least it is waiting long enough until I retire. So I don't have to be the one that has 50 different answers in the US along with across the globe. And there's an I guess it's the same outside the US as well. I know, India, for one, they were transitioning closer to a GDPR approach, right? Oh, that got COVID delayed. But it still seems like that will happen. It's just late. That part's important that we get the unification. I think the next step, though, is that we have real conversations about consent. Yeah. And one if we're going to allow people if we're going to ask companies, because there are, you know, like in Switzerland, there's not just Privacy Information around the individual, but also for companies, right? There are third party business secrets. And I know there's something similar within the GDPR. So are we going to start contracting around it? Because we can't do that for business secrets? If the contract says so. And then for the individuals, are we going to make it easier for them to give consent because there are people like myself, who you can take all of my work emails today and produce them to the government? I don't do personal things in my work account, right? To the extent that my wife lets me the day that's the wrong account, don't email that account. You know, the email, the Gmail, don't put don't send that to work. But I don't have a problem with it. And I would sign a waiver because my mindset is, why would I want my company to go through and redact my information when that money could be spent making drugs to save people's lives or making therapies or making genetic benefits genetic therapies to save people's lives? I don't want $1 going to redact out anything I have in an email? Because I don't have anything personal or private in my email? Because it's my work account. And I'm a grown-up. Yeah. So I don't put an account.

 

Debbie Reynolds  37:13

Absolutely. Yeah. Cowboy up and separate your personal or work stuff.

 

Jeff Salling  37:17

Yes. These two phones are there for a reason.

 

Debbie Reynolds  37:20

I have two phones.

 

Jeff Salling  37:22

Yeah. And even if my company didn't pay for the one, especially with how cheap phones are today, not the phone itself. That's a bit of frugal, but then the plans themselves 40 or 50 bucks a month, I'm going to have a work phone for forever. And if anyone wants that phone as well, I know that's another kind of hot topic from a privacy perspective as mobile devices.

 

Debbie Reynolds  37:46

Yeah.

 

Jeff Salling  37:46

If you can even ask for it in some certain jurisdictions. Yeah. Good luck. You're never gonna get the phone. Right. You can have my phone, my work phone. The personal phone's not going anywhere. But my work phone, the same thing. You could take it today. There is not a picture, there is not a text. There's nothing in there that I would care if it got disclosed because I separate the two. Because I do this for a living.

 

Debbie Reynolds  38:12

Yeah, yeah. Fantastic. Well, we're coming to the end of our time. But before we end, I wanted to throw in a personal note, and you have to remind me of this. So a couple of years ago, you and I were supposed to speak at a conference in London, and it got moved around, and we couldn't do it. And then you invited me to Switzerland to visit you and the fam, and we had a blast. But you took me up to a castle in France. And I have to thank you for that. Because Debbie wouldn't have done that on her own. You made me I was not going to go all the way up to the top you like, come on. There we go here. And I was, I finally got there. So I'm happy that I actually did that. So I have a thank you for that. It was a fantastic experience.

 

Jeff Salling  38:55

Absolutely. I still have those pictures. Those are still probably my favorite view that I had while living there, you know, to drive over to France be over to overlook I think we could probably see to Germany, but definitely France and Switzerland. That was a very, very cool experience. And it was really fun for you, me and France to Francie my daughter to go to France and do something like that. That was just such a fun experience. We're so happy that you came and joined us. Spent that time, it was just pointing out that the other two were traveling to the US well while you were visiting. But yeah, that made it fun. Because similar to what we found ourselves, and now unless you're a motivated person, you sometimes can get stagnant. So like we travel on the weekends and things, but yeah, sometimes we just wouldn't do anything for a while. So to have you come, well Debbie's here, so we got to do something. Let's get out of the house. Let's try a new restaurant. Go to France. Let's do these things. It was a really unique experience and really fun to be able to make such a good friend.

 

Debbie Reynolds  40:07

Yeah, that was fun. And then I think we went to a Chinese restaurant with German menus. The food was great.

 

Jeff Salling  40:15

I have a goal to have Chinese food in as many different countries as possible. And I'm doing pretty well so far. I'm doing well.

 

Debbie Reynolds  40:24

You really can't go wrong with Chinese food. Like no matter where you go. So if you're you don't, I'm not sure what to eat, find a Chinese restaurant.

 

Jeff Salling  40:31

A gonna be delicious. There's no doubt about it.

 

Debbie Reynolds  40:36

Well, thank you so much. This is such a thrill to have a conversation with you. And of course, I'm sure we'll have other conversations as we always do.

 

Jeff Salling  40:44

Well, it was an honor. I was very excited to get this ask from you. I think you're doing an absolutely fantastic job. I'll make sure that in this house, you're still Aunt Debbie even though I feel like "The Data Diva" is gonna be a more popular name for you across the industry. The most we'll do Aunt Data Diva, but we'll see where the kids end up.

 

Debbie Reynolds  41:13

Hilarious. Well, thank you again. And thank you so much for being on "The Data Diva Talks" Podcast,

 

Jeff Salling  41:20

An absolute privilege.

 

Debbie Reynolds  41:21

So have a good day, and I'll talk to you soon.

Previous
Previous

E2 – Susan Brown of Zortrex