E17 – Marie-Claire Péroux
Your browser doesn't support HTML5 audio
Data Diva Marie Claire Peroux
41:14
SUMMARY KEYWORDS
data, privacy, people, companies, talking, Europe, business, read, nice, french, small businesses, jurist, transfer, law, world, develop, design, EU, amazon web service
SPEAKERS
Debbie Reynolds, Marie-Claire Peroux
Debbie Reynolds 00:00
The personal views and opinions expressed by our podcast guests are their own and are not legal advice or official statements by their organizations. Hello, my name is Debbie Reynolds of "The Data Diva Talks Privacy" Podcast, where we talk with business leaders around the world about their privacy issues that businesses need to know now. I am super happy to have Marie Claire Peroux from Paris, France, on the show today. Hello, Marie Claire.
Marie-Claire Peroux 00:41
Hello Debbie.
Debbie Reynolds 00:42
Marie-Claire PÉROUX and I met on LinkedIn. I always read all the things that she posts. And for some reason, I think there are four of us always talking together. It is Marie-Claire PÉROUX from Paris. Tara TAUBMAN-BASSIRIAN LLM from the UK and Pia Tesdorf from Copenhagen. Often, we end up exchanging information, or sometimes we end up the four-way conversation going down, like oh, my goodness, see what happens with this particular issue, but I want to introduce Marie for sure. Marie Claire is a consultant jurist, GDPR specialist, international, European economic, and commercial law expert. Also, she is just really brilliant about, you know, you're very forthright about your feelings related to privacy and how that impacts people in a digital age. So welcome.
Marie-Claire Peroux 01:45
Thank you today. Thank you for inviting me.
Debbie Reynolds 01:47
I want to start out with something I read last night. It was your morning and my night. Right? Someone was talking about Data Privacy and talk about. But for me, when I'm talking with people in Europe, I like to hear nobody tell me about their feelings about privacy is very different, I think, than people perceive it here in the US. So tell me your thoughts about privacy and Data Privacy?
Marie-Claire Peroux 02:21
Well, first of all, you know why I like to follow you because you're one of the rare Americans talking about privacy as a human right. And that's the main difference for me, between all US and or any other culture. Here in Europe, it is a human right, and it and you see it in every instance, every law, every French law I read, it refers to human right. So it's not something to take lightly. And when I read when, for example, the CCPA in California, we talk about persons as a consumer, and here you are, here's the difference. In Europe, data is not a commodity you can sell. It has nothing to do with what, although we might discuss that later on. But it's completely a completely different view. And that's the heart of a problem. Because, for instance, you see processes in the US developing new, no new processes, but they work in an entirely different world, an entire culture. And I think that's a heart of a problem between Europe and the US. We do not speak the same language when we talk about privacy.
Debbie Reynolds 03:37
I agree with that. I agree with that wholeheartedly. And I always talk about that the difference between human and consumer rights. So yeah, civil rights are much more narrow in their focus. So you can't really compare consumer rights to privacy to a human right. Human rights users have so few consumer rights that you can grant. Right, is there a consumer? So I think it is really important to talk about that distinction. But so much of the laws, regulations in the US are based around commerce. So it's very much a different mindset, where I think a lot of people feel like they have privacy in the same way that you all have in Europe, and we just don't have privacy belongs to your information. It doesn't really belong to you. So I tell people, you know, your Social Security number and the US has more privacy protection than you do as an individual. So your data, in some instances, is protected in a way. So for me, I'm really keen on having that distinction made in the US, where we are looking at privacy from a human rights perspective. As opposed to a consumer right,
Marie-Claire Peroux 05:02
And I don't see it coming to the US. I don't think so. I just see, for instance, I was just reading to before we connected in France with COVID, the French government sent an SMS to many French people, advising them to take care and blah, blah, blah. And many, many people started to go through our authority, which is clear, and they were complaining, and the clear just posted today, ok, it's ok, you had they had the right to send you a direct SMS, which goes far, you know, people start to be very well aware that it's the, it's not normal, but the government all of a sudden send them directly SMS, do they have my phone number, what's going on, and the Canadian had to come up with a statement. And that makes all the difference between you see, French people or European people are more aware and go much faster in defending their rights, especially privacy, privacy is really something you would think no, but yes, people are much more aware. And even the youngest generation, so it's nothing, nothing to do with your users to talk about yourself on social media, you're very attached to privacy,
Debbie Reynolds 06:21
While I tell people too because, you know, I've talked with a lot of people in Cybersecurity as well, that privacy existed before computers, so those rights are intrinsic, in many ways, and they are about expressing things that a human would want for themselves. So I think the digital age has made it different because you're saying now I'm taking something that was inherently private or no one really cared about before. And then you're creating a thing of it, you know, digital, and then now people have to really try to assert their rights so that they can have that not be used in a way that they don't want. So like, the example I use is to say, like no one cared 30 years ago, have you walked down the street and got milk, so but now you have a phone in your pocket, and that that trip that you take now is being recorded by your phone, and someone may be using it to sell it or whatever. So it's just a different way to have different lives to look at things. But it's just it's very different in terms of how this is expressed.
Marie-Claire Peroux 07:38
No, but the core signification is still the right to think by yourself, you have a right to be alone, the right to close your door, even though you have connected the object in your house, the right to say no, yeah. And it's very much alive. And I hope it stays alive. Although, everything goes and the other way. Everything pushes towards less and less privacy. Yeah. And it's annoying, but I think people like us or jurists, or lawyers or should resist.
Debbie Reynolds 08:11
Yeah.
Marie-Claire Peroux 08:14
The lost code, but still, I think we should resist, and we should say no people, should I still say no.
Debbie Reynolds 08:19
Yeah, well, I'm sort of taking all those gaps. And it's interesting to me to talk to different groups based on their perception of what privacy is. It's very different. I think the more talking we do together and sharing and breaking down of barriers between each other. I think it definitely helps. So there's something like you're very passionate about privacy by design. So I would love for you to explain to me what it is about that that makes it that you're so passionate about.
Marie-Claire Peroux 08:54
Be patient with me in a perfect world on paper? Is everybody with the privacy by design, we wouldn't be discussing problems, and should I use this process? Should I hire this guy? I mean, if every producer of connected objects or if every processor would think before producing about privacy by design, I think we would have much fewer problems. That's the perfect world. But it has a cost. You know, I'm I consult with small businesses, small and medium businesses, which is in another world and you arrive, and you arrive in a company very often they have developed for two years, their product, and very often is always about processing private information or personal data. And you're right after two years of development, and you will start seeing her. By the way, if you use some things or when you put everything on Amazon, or you use this for development in the US, some tools are really not ok with GDPR. And they look at you and think, whoa, it's a hindrance to my business. It's an inconvenience. I think so many companies do not understand that they have to have privacy by design from the start of a business. It's not on top. It's not; it looks better. It's part of the business. And this is the thing that meets on and on again, and again, I arrived too late in the process, right? And then when I say I'm a thinker, compliance is a cost. It's annoying. I would have to change this. Do I have to stop doing this so badly? Which not some probably you just have to adapt the way you do things? It's not always a big no.
Debbie Reynolds 10:47
Right.
Marie-Claire Peroux 10:48
Are you collecting personal data for several years? And they have a large list? And you don't know. But if I had a legal basis, and then.
Debbie Reynolds 10:56
Yeah.
Marie-Claire Peroux 10:57
Probably my so yes, privacy by design. And by default, again and again. And I just had them because I'm curious, but I want to understand the technology part.
Debbie Reynolds 11:08
Yeah.
Marie-Claire Peroux 11:09
You cannot be only a jurist. You have to understand how it works. For real.
Debbie Reynolds 11:13
That's right,
Marie-Claire Peroux 11:14
Of course to French University, young developers. They were next year, we are going to go to the job market, and they had two hours of privacy by design, what is it? What what are you looking for? And I was all on principles? Because if you don't know the principles, you cannot apply them? Right. So I think what's lagging is knowledge, education, of technical people of engineers because they are the ones implementing the privacy by design.
Debbie Reynolds 11:49
Yeah, that's true. That's true. I, when the GDPR first came out, and I read the concepts about privacy by design, I think that's definitely my favorite part of it. Because I think a lot of times, when you're looking at laws, people create it, too. They create it after some harm has happened, right? So they're like, don't do this, don't do that, or whatever. But to me, the concept of privacy by design is so forward-looking, you know, it's so proactive. So that was so surprising to me. That wasn't a lot. And I think that's part that, you know, especially if people aren't really rethinking their process, you know, I felt like, when that when the GDPR came along, in 2016 in May. I woke up that morning. It was May 25. And I thought that when I woke up, I see all this news about GDPR, and how it's gonna be like, you know, change, you know, tectonic change in the way people handle data. And in the US, there was, like, not one story about it. And I was very disappointed because I thought this is so major. I mean, especially about the design part. Because if you're not thinking about these concepts at the beginning, you're not gonna like to say it. You can't add it at the end and can't stick it on. It's me. It's not a tweak that you make. It's kind of a point of view that you have to have or a concept you have to be able to grasp as you go along the development process.
Marie-Claire Peroux 13:34
Yeah, GDPR was the first law that includes privacy by design. It's the first time it's mandatory. It's not even a choice. But I think everything behind this is the lack of education, lack of education of business owners, small business medium, and business owners. I'm not talking about the large companies. They have the means to hire legal staff. But bases in France, most of the companies are small to medium businesses right now. That's the main part of the economy. And this lack of knowledge until now about privacy by design about GDPR failed allegations. It's still lagging so much.
Debbie Reynolds 14:16
Yeah, it is it is.
Marie-Claire Peroux 14:18
What to do? I think we have to keep educating and keep talking to people until they really understand until it sinks in. I try to work with I work with companies also on emerging technology. So I like to get a while very early. I'm working on a project with people who create augmented reality and virtual reality products. And so we're working on a framework that the developers can read through and use before they even start that process because as you said, you know, after the process develops, you can't really make the tweaks or you know, those changes, and it's not baked in. It won't really stick. Yeah, you can, but that's a cost. It's always a cost problem as well. It's not one, yeah, it's me. Should I go? If I go very well, my business is going to be harmed. I'm going to have to change everything. My code is not good.
Debbie Reynolds 15:16
Yeah. Yeah. Yeah, I know. It's so bad. But I would love to know what in terms of the Privacy Shield, the EU US Privacy Shield invalidation. First of all, what do you think of it? And how are your clients reacting to this?
Marie-Claire Peroux 15:35
Why do I think I think it's a real mess to explain it to anybody to understand. But first of all, most with most companies, small companies, I still insist, are not really aware of what tool they use. They have not even right needed any attention to what they use. The developer says, ok, I need this. I look, panga, I take this, I download it, it's fine. Ok, let's go. You have no idea what they signed for it even once their product is in production? I mean, once they are, they start using, and we start gathering personal data. You have no idea on which tools it's based. So what I think is that education again, you arrive, and you say who by the way, we have to look through everything you use to produce this nice new software. Have no idea. Maybe they don't know what happened. Because ok, we know we have been looking ok. Because most of the people have no idea. It has not been in the news. And most business owners have no idea what happened. And we try to convey to them, but now all of a sudden, they have to look for the entire judicial system of another country. I mean, yeah, it's nice to find for a large company, again, because I just read before talking to you every read the EDPB guideline after the posts trend.
Debbie Reynolds 17:09
Yeah.
Marie-Claire Peroux 17:11
Nice, great, but no small companies can do that. No, yeah. And if I offer my service to do that, it's going to cost so much that it's just mind-boggling and impossible. Oh, yeah. From a practical point of view, because let's get practical, right now, I would say ok, look for the things you can get rid of, for instance, if you use the tool to send your newsletter, easy to switch to something else because they are other offers. Yeah, you talk to a company that has developed everything on the Amazon Web Service, and you comment on it. Ok. They say that everything is fine for that state of the contract, contractual clause, where we are fine, but still, you read some line, but oh, from time to time, we might be able to touch to open your file, and we have to go to your data at one point from the US. And here we go. It's open to Schrfems II, right? Oh, can you tell to business to switch the entire business from Amazon Web Service to what? What's the offer in Europe? I mean, it's difficult. I mean, it's good, you have to explain that it's I think it's a too high policy for a small risk. It's big concepts, big things. It's nice and fine. But try to clean it to small business just
Debbie Reynolds 18:41
I know I had Allen Woods on my show. He really talked to that point, which is true. So a lot of these things are so hard to do, from a technical and practical point of view, because, and then just sort of doing it without any warning. It's like, oh my goodness. So people are really, you know, companies, for the most part, want to follow, you know, the law or the edicts. But I mean, you know, so much, especially right now during COVID, a lot of people have so many financial concerns, you know, with their businesses, so especially, you don't want to introduce something new, that's going to create, like an additional burden or additional costs on those people to make these changes. So it's definitely attention, and I agree that the bigger companies probably are the ones that are using this transfer mechanism the most, and they probably have the better way to either pivot or litigate.
Marie-Claire Peroux 19:44
Or to audit or to ask for more, something more, and their contractual obligation, even though it's not enough. But look, I have a very precise example. I was talking to a business owner, a small business owner, but nice software. He developed himself everything on Amazon Web service with some data very sensitive, like health data or children data. And he was telling me, ok, even though AWS is certified in Europe to hold, held the data, got the certification. I told him maybe nowadays. Maybe you should switch to something else something in because they are other clouds certified for health data in Europe. And he answered me, yeah, but AWS is cheaper, and it's, the offer is great. Why should I do it? And then you see the French government. They have this health data hub, they developed it, and who did they choose, Microsoft?
Debbie Reynolds 20:55
Right.
Marie-Claire Peroux 20:56
And of course, Data Privacy Authority clear said no, not possible. You cannot put all health data from France on Microsoft. Impossible. But yes, sir. Ok, nice. But ok, we gave ourselves two years to switch. Right? So you see that, and you are talking to a business owner, no. Little company and you're telling him, oh. You have a healthy diet. You must switch to something in Europe? Is it not? Because if you look at GDPR, there are certain fields where states, member states still have a say for health data. Mm-hmm. Everything relating to work? How do you say your job law? Right, these in these fields? Do states still have their own laws? We can ask, right? So it's not specific in that term for health data, every other member state, which is a problem for the free flow of data, which we go to the Data Governance Act, they want to open this flow of data that member states keep for themselves because they are highly sensitive health data. So it's not specific to France. But yes, health data are you have to be extra serious, and both and you have to abide by local laws on top because you find it nice, but it doesn't cover everything.
Debbie Reynolds 22:29
That's right. That's right. Well, you just mentioned the Data Governance Act. So if you could explain to me, explain to the audience what it is, and then give me your thoughts about it.
Marie-Claire Peroux 22:42
So it's still in discussion. So yes, very much hooked on it because it might change. I've read through what on paper, as usual, is fine and nice. But in practice, we are still things to be discussing. I think we are things that will change him. So I read through it again. And again. What I got is that all of a sudden, in Europe, we were talking about human rights, finding nice, but now the procedure data has value to and that they would like this value to be accessible by all the businesses, including health data, including sensitive data that member states have a tendency to keep themselves open the free flow in EU not a free flow outside EU. Right. But it's no mana. It's a free flow of the market. So what I understood, because this is not so clear for everything, they want to have two separate, how do you say the flow, you have a data holders that could be public? Governments, companies, natural persons, data sharing services, which is new, a new category, and data users, developers, small businesses? Who would want to have access to this data? It's a separation of power, not once you have the power to access everything at once. Ok. And there is a new wording with data in English data at random, which seems I've never heard anything like that before. I don't know if you did know, for data, which is a bit counterintuitive for the US, certainly for the again, data has value. So data is a commercial value and data, a tourism data for the sake of it for the good of humanity, ok for genuine interest. And what I find a bit annoying is that with tourism, the general interest is very vaguely defined, not even defined. So I think there's much more work to do. So basically, some companies or some people would give data for it. For the good of the people, right? Ok, I practice, I don't know, but I mean, ok, good. Something which has to be discussed again, it's too big, much too vague.
Debbie Reynolds 25:13
Yeah.
Marie-Claire Peroux 25:14
Worried about is ok. So, you have these three stakeholders and the Commission. The Commission has a large part in the working on all based on a lot of power, especially if there is adequacy again, not being secrecy for GDPR adequacy of a country. But this data adequacy. And its adequacy ensured by the Commission. Right, and we look at the protection of intellectual property and trade secrets in the country of export of data. Ok, now, how do you manage that with GDPR adequacy? I don't know. Again, they take the same thing as Schrems II protection effectively applied and enforced. They take the same view, whether effective judicial redress, you find the same thing. But I wonder how, how do they do that with adequacy under GDPR? It's not a layer of adequacy or reject. And the second point is that this Data Act concerns all data, not only privacy, private data, not only personal data, so data from companies that IoT everything commercial. But I would like to know how to make this work with GDPR. I find tons of clients, for instance, will consent to give their data to intermediaries, and these intermediaries will sell them for a fee but a small fee to companies. They want to develop new products, this concept form they want to develop a concept for the Commission with I wrote it down because it's not so clear. Yeah, you can data a tourism consent form, but you're in the consent form. Ok. How do you think that with this concept that everybody tries to get under GDPR?
Debbie Reynolds 27:22
Right?
Marie-Claire Peroux 27:23
To me, either, we all go t0 with consent form would be nice to have a uniform consent form, because this concept GDPR concept that everybody tries to get very difficult to get.
Debbie Reynolds 27:34
That's true. That's true. This is what I came up with. And it's sort of the reason why I think this is happening. So when the GDPR came out, there was like a letter that the working group came out with about, they want, they definitely want strong protections on GDPR. But they don't want the GDPR to squelch innovation. So I think the thought is, you know, not for the big companies or the big companies, there'll be fine, they're going to be ok. But for the small and medium-sized companies that are wanting to innovate or need data or information, they wanted to try to come up with a way that they could give people access to data. They would probably like someone wouldn't normally consent to. So I think the idea is to try to make it in some way more anonymous in a way that they can share it more or, you know, use, you know, pseudonyms and stuff like that. But it is confusing, and I agree. I don't know when they start talking about it. I'm like, so how are they actually going to do this from like, a technological perspective, like I didn't understand how like, is it the sort of mini databases or one database? You know.
Marie-Claire Peroux 28:50
It's written that, for instance, a public authority wants to give access to its data, it remains the controller, I think, I think there's always a transfer responsibility with intermediaries. That's right, you would put all your data, and it's not only anonymized data from what I understood, but it also doesn't have to only anonymize because anonymize data is not always exploitable when we have to have access to real data, I guess. And so much, I mean, you concentrate large data files, sensitive large data files to these intermediaries. First of all, security, I mean, transfer and when you see how, in governments and you when you see in public authorities, the security they have is not always up to standard. And you asked for it to send large, sensitive data, the large list of sensitive data to these intermediaries. My concern is how, and they were discussions here about data portability, they have already under GDPR, hard time to find common data portability, or technically, how do you do it? I want to take my data and transfer it to another service. But technically, it doesn't work so well. Some companies are at last find a common way to transfer data from one service to be exploitable by another service.
Debbie Reynolds 30:34
Right? Because you can. So for a company, this is a really good point about data portability. So right, so a company can give you your data in whatever form that they, you know, can export it to you. But that doesn't mean that you're going to be able to take it and put it someplace else.
Marie-Claire Peroux 30:53
Behind data portability, there was a sense that, especially competition now, a company cannot keep the data for itself. And you should be open to competition. Great. But since each company is very protective of its business, how do you transfer out? Because if you ask a Google or Facebook transfer of your data, they have you click, and they give you all the data? How is it useful to you as a person? How can you hear it? What you received, of course, the data transfer data, you have your data. The second point is how are you going to transfer all this data coming from different member states from different constraints, local constraints, and you want to bring all this data to be portable to be able to exploit to make it exploitable by other companies? Technically, I'm not a technician, but how do this in a secure way? Second point? I'm very concerned about the security side of all this.
Debbie Reynolds 32:10
As am I. I'm very concerned. I hear you know, so I read the theAct as well. And I've looked at the, you know, the European data strategy as well. But I really do want to see the technical aspects of how they are able to achieve this technologically,
Marie-Claire Peroux 32:28
They have not yet achieved it. That's for sure. Because under GDPR is still not achieved is the same permanent GDPR as well. They set aside a lot of the GDPR. I think we should talk about it. Ok. You see, it's mentioned across the Open Data Act, but I think they have not thought enough. But among this data, a large part will be personal data still.
Debbie Reynolds 32:55
That's right. Yeah.
Marie-Claire Peroux 32:57
Yet company data is mainly personal data nowadays. Ok, we have a duction data, but I don't think they will want to give it even for treason. Large will be data. And I would like to see more how they want to consent to transfer with personal data. What consent, I mean, like, people are already very confused. It's consent forms and consented to transfer my data, and then we add up another layer of consent. Ok. It has to be discussed much more.
Debbie Reynolds 33:31
It does. Absolutely. Well, because we're all confused about this. So I think, especially on an individual level, like, What do I do? How do I do it? I think that's the question.
Marie-Claire Peroux 33:42
Because you see, of course, every company wants to have access to this data. Of course, they want to have access. It's a goldmine for them. But basically, a lot of his data will be personal data. So persons will have to accept, even if it's health data for further studies. And I think it's going to be extremely confusing, extremely difficult to explain what is this is all about? Why should I give my data for companies to develop new services to make more money? Why do I get from it? That's what a tourism part is against?
Debbie Reynolds 34:16
Yeah, that's definitely the next question. So even if people don't want to monetize their data, I think, you know, they want to know, how does this benefit me?
Marie-Claire Peroux 34:25
You can monetize data because it's a human rights and human rights value. This I really, I'm really attached to that, although you right now want to monetize data, and I think not to be monetized. It's that's another difference with the US part. Like we do, monetize data. We've not, and people should not sell the data because the value is infinite to humans, but still. Why? Why should I give for why as a company should I get it? I don't know if they and I were. They were such, not many mentions, but just a small mention of small businesses again. That's what they want. They want more competition. They want small businesses to businesses to have access to the larger set of data. The data is not held by large companies. Again, the surveys suggest that they have as a cooperative, I don't know it's a French word, but I know in English, how you pronounce it anyway, all businesses would aggregate in this capacity and have access to the data as such, because individually, it would be much more difficult to access. That's true. That's true. You have to have a common go between these companies to find common interests. That's true. And I don't know how you balance that with the competition.
Debbie Reynolds 35:54
That's such a hard, that's a hard issue to even figure out. But I'm sure we'll be talking about this for many years to come trying to figure this out.
Marie-Claire Peroux 36:02
But it's the idea there. And yes. Companies are eager to have access to this course. You know, I want you to talk just; briefly, I was listening to x webinars, and there's a French company provider of electricity, large, very large provider of electricity. And they said something interesting, but they were the DPO said that we are becoming a data company, we were a provider of electricity, but now we are basically a data company because our smart electricity, no, registered, how do you call it? Data has become our main goal, to develop new services? And I think that's quite interesting to hear. Oh, yeah.
Debbie Reynolds 36:48
I've heard that too. People have said, you know, almost all companies are data companies now. Yeah, they need this information, you know, whether they're developing products or getting new services, there is an attachment to that data. So the question is, how do you get the data? You know, do it legally do it in the right way? So that's, I think that's the question everybody's grappling with, I think, especially for smaller businesses, where I feel like people are going to, people want to give less data, people want to trust people to give their data to so I think they're going to give their data to fewer people. And I think that smaller, medium-sized businesses will suffer more if they can't gain that trust.
Marie-Claire Peroux 37:31
You know, the term trust in the Data Governance Act, you see it a lot, if you try to the county I encountered but trust is everywhere, it is tech, they want to bring trust in giving your data. So that means that they understand that there is a trust problem.
Debbie Reynolds 37:47
That's right. I agree.
Marie-Claire Peroux 37:49
The company, from individuals, so they want to bring trust. Ok, I personally don't trust anybody to transfer my data. I left the right-center, and especially health data knew.
Debbie Reynolds 38:02
Oh, my goodness, that's true. Well, we're coming up at the end of our session. This is fantastic. I would like to know before we end, if it was the world according to Marie Claire, what type of changes would you like to see in you know, relations, either the EU around the world related to privacy?
Marie-Claire Peroux 38:25
Oh, the EU has its load of regulations and case laws. I think we are covered there for quite some time before we get to apply with GDPR properly. Every company's going to take some more time. So no more regulation. And regulation is finding noise, but it's really heavy to make it through all small businesses. So I think Europe is quite covered, I think. And I quite like the way Europe is handling privacy protection. And you can see that other precedents we didn't talk about it as an as a convention that oh, 108 plus from the console of Europe, which is not the EU but considered Europe, which that's the GDPR in its treaty. And this treaty is the only other way to impose privacy protection internationally. So I don't know how many signatories they have, maybe 47, 48 countries. I think that's where we should go. But GDPR like, rules are beginning to spread. And I see. I would love the US to have one big rule for Federal rules. Illinois, good. Ok. Cc. Ok, stop it. Because when you want to make from you, you want to do business with the US. It's a headache. It's just mind-boggling them.
Debbie Reynolds 39:49
Yes.
Marie-Claire Peroux 39:50
I'd love to see more. How do you say that? Something more common ground answers.
Debbie Reynolds 39:58
That's right.
Marie-Claire Peroux 39:58
We're handling personal data. But again, we do not have the same culture as China.
Debbie Reynolds 40:07
Oh, yeah, that's true. Yeah. Even China has developing comprehensive Data Privacy laws.
Marie-Claire Peroux 40:15
Like that for you to China, China nowadays. I mean, quite possible.
Debbie Reynolds 40:21
Very true. Very true. Well, yeah. Thank you. I agree with that as well. I think that's what we want here in the US, and we're looking, you know, I've admired quite a lot over the last 25 years or so, the things that the EU has been doing with regulation related to privacy. So we're going to keep up the good fight, Marie Claire, and keep moving forward. But thank you so much for being on the show. I really enjoyed this. This is very enlightening, and I'm sure the listeners will really love to hear your point of view.
Marie-Claire Peroux 40:55
Well, I hope so. Thank you for the invitation. I had a great, great time talking to you.
Debbie Reynolds 41:01
Thank you. Thank you so much.
Marie-Claire Peroux 41:02
Ok, see you. Bye.