Why Data Security is not Data Privacy by Aparna Pathak
Understanding the Difference Between Data Security and Data Privacy
In today's rapidly progressing digital world, it's common for individuals to express concerns over the security of their personal data. However, while securing personal data is critical, it's just as essential to ensure data privacy.
The Definitions and Differences of Data Security and Data Privacy
Data security refers to the digital protective measures taken to prevent unauthorized access to computers, databases, and websites. Conversely, data privacy is about how data is collected, stored, and used, ensuring it's handled and processed transparently and lawfully. When data is misused or collected without justification, as in the H&M case in Germany, data privacy has clearly been violated.
The Importance of Data Privacy and Its Principles
Ensuring data privacy goes beyond simply implementing a robust security solution. Transparency is integral to the process; end-users should be well-informed about how their data is handled, why it's processed, where it's shared, and for how long it'll be stored.
Should an organization encounter a significant data privacy incident, relevant authorities must be notified. Moreover, individuals are entitled to access their data and even have the right to oppose certain aspects of data processing.
The Role of Compliance in Data Privacy
In the digital data sphere, privacy means complying with various laws and regulations. Major laws, such as the GDPR and CCPA, require organizations to be accountable for their data processing actions.
Building Data Privacy Trust: Tips for Individuals and Organizations
For Individuals:
- Be aware of where and why you're sharing data.
- Review the privacy settings of websites and mobile apps.
- Understand your privacy rights.

For Organizations:
- Develop and implement a robust privacy program for regulatory compliance.
- Appoint a data protection officer.
- Follow privacy by design principles in all aspects of operation.
In Conclusion
While data security safeguards data, data privacy is about protecting identity. As technology advances, the issue of data privacy remains a pertinent concern. However, as privacy is deemed a fundamental right in numerous countries, laws and regulations are becoming more stringent, with organizations becoming increasingly respectful and cognizant of privacy matters. Remember, a friendly talk with a supervisor can no longer be taken for granted. Data security needs to go hand in hand with data privacy, so both teams need to work in harmony for an effective data protection scheme. Follow iapp.org to stay up to date on privacy news and procedures.
Video Transcription
So I'm Aparna, and uh this topic is very interesting because many times people tell me that I have data security and I am compliant to data privacy. So now let's understand what it means. So when I was a kid, we had a theft in our home. So a thief broke the main door, came inside, looked for everything and then finally he found some cash and went away. What do we call this? It is a security incident. Yes, or should we call it a physical security incident? Maybe, but when we move to the digital world, we see a lot of cybersecurity attacks. Be it SQL injection, ransomware, phishing and many other things, I'm not getting into them, but every cybersecurity attacker is looking for something which is valuable for them, how they can make financial gains or something else like that. What is that valuable thing? Mainly data.
So what is the difference between data security and data privacy and why I am here today? So I talked about the case of uh Sam, but what is privacy? Privacy is your data, my data, your name, your date of birth, your bank account number. Anything that can identify you as an individual is your data and has to be protected. So Sam's case, we just spoke about, he went on long leave and he realized that his supervisor Roger collected all the data in confidence, but he used it for an inappropriate purpose when he found out that he was not given the promotion. So this organization collected the sensitive information through the one-on-one chats with people who had gone on long leaves and then used it to create a profile and decide on their promotions, their compensation and what kind of work they can begin. So this company, H&M, was fined for 41.3 million in Germany for unlawful employee surveillance, for unfair use of data for inappropriate purposes. Opaque processing, because data was collected in secret. It was a one-on-one conversation, a friendly talk with the supervisor. So what it means: privacy means transparency. When you deploy any uh security solution, you don't have to tell whether I have this type of encryption or I have this type of DLP solution, that is not required.
But for data privacy, you need to inform people how you're processing the data, why you are processing it, how you are going to use it, where you are going to share. So that is transparency. This is a case which I was chatting on you. How many of you are uploading photos on social media? I used to get this pop-up every now and then saying, is that you in that photo? I had not uploaded the photo, maybe some of my friends would have uploaded it. But how does the software know that it's me? So there is facial recognition software everywhere. Facial recognition, or face, is your biometric. So this company created a database of 20 to 30 billion photos and used it for creating a facial recognition software. So it is possible that your photos are there and my photos are there. They used this data, started monitoring the people and sold this data to law enforcement agencies where, you know, criminal matching and everything was done. But they had not informed anybody that they are collecting this data which is publicly available and using it for another purpose. So this company, Clearview.ai, they have been fined in not one but two countries and their cases are still going on. They have been banned from further processing. They have been asked and ordered to erase all the data that they had collected in this manner. How did it come to be known? By some security glitch.
Their client list was available on our website, after that some of the configurations were there through which it led to a new privacy data breach that was found. So that is the importance of uh privacy. Security will be there. It is required, but privacy means compliance with the laws. There are laws like GDPR, CCPA and many others across all the countries. Organizations have to be accountable for what they are processing, how they are processing it. It has to be lawful and transparent. Why you collect, what you collect, how you use it, how long you store it? These are the basic privacy principles that need to be adhered to. If I look at the last point, security measures is one part of this entire privacy. And lastly, you have to handle the privacy incident. If it is a major incident, authorities have to be notified, you have to uh give the data subject rights. There are many, many things which come under privacy, not only security. Security is essential, I would say it's very, very essential, but it is not enough for your privacy compliance. And that is where security and privacy, they need to work hand in hand for the data protection.
And it is very important that both these teams work together for our implementation of protection. So what can you do? If you are an individual, be cognizant of where you share the data and why you are sharing the data, how that organization is processing the data. Validate the privacy settings of any website or any mobile app that you download. Be aware of your privacy rights. You have multiple rights: right to access, right to information, right to opt out, right to object to certain processing and even withdraw consent. So be aware of your rights. If you are an organization, define and implement a strong privacy program for regulatory compliance, that's how you'll build the trust. Appoint a data protection officer where it is required by the law. Lastly, follow the privacy by design principles in whatever you do.
Even for a simple form that you collect personal information for, the privacy by design principles. Security is about safeguarding data; privacy is about safeguarding identity. Respect privacy. Thank you so much everyone for bearing with that glitch and I can take any questions if you have.
So how much, how all these fines have been paid? Uh it is a long process, but yes, organizations are fighting, but uh sometimes the fines do come down, but they are being paid by the organizations. Thanks Margo for that question. And there are many other news that uh you will hear every day. Even Twitter has been fined and they are to pay. Google, Facebook, there are many organizations which are being given these fines. Thank you everyone. Thanks for joining.

Uh which channels uh would I recommend to keep updated? I would say look at the IAPP website. They are one of the best in the, in the market I would say. And uh you will get a lot of news from iapp.org. I will put it in the chat also. And there are a lot of organizations, even the government authorities, who have their channels and uh pages on LinkedIn. I would suggest you follow them so that you will get the news of what guidance authorities are giving and uh how we need to be compliant.

How do you evaluate new Apple privacy? I think Apple is leading the privacy and there are a lot of controls that they have mentioned. But yes, it is an evolving space with Meta. I think uh you will see a lot of privacy conversations. I I would have to park that question for now, Patrice, but thank you so much. Uh how it means actually they are just a way of discussing the problem. Uh we'll have to wait and watch.
Uh Privacy is uh is the default requirement nowadays and hence uh organizations are taking care that they are respecting privacy. Also, privacy is a fundamental right in many countries and hence the laws are becoming stringent but technology is catching up. Thank you everyone.
Thanks so much for joining in. Sure, Patrice, please reach out to me on uh LinkedIn. Thank you so much. Bye bye.