This week we have Debbie Reynolds, “The Data Diva,” join us to discuss the current state of data regulations, privacy, access, and what’s on the horizon for data in the legal industry. Debbie is a 2022 ABA Women in Legal Tech Honoree and the host of The Data Diva Talks Privacy Podcast.
According to Debbie, there is exponential growth going on in technology and the types of data that is being captured. At the same time, governments across the globe are trying to find ways of regulating how businesses and organizations can capture and use data they gather from individuals. These two event are not coordinated so it has created a “Wild West” situation where the law is trying to catch up to the realities of data gathering in the business world.
Training on data security is also lagging behind what is really needed today. Most training on data security is framed around the idea that “data security is everyone’s responsibility.” Reynold’s response to that is unless you are more specific about what it is you need people to do in regards to data security, then it turns out that “everyone’s responsibility is actually no one’s responsibility.”
As technology advances beyond encryption, satellite integration, IoT devices, and morphs into the Metaverse, the types of data produced and gathered is going to completely overwhelm any government’s ability to regulate it. The Data Diva thinks that if we don’t start creating more transparency when it comes to individual’s data privacy, it’s just going to get more and more complicated than it is right now.

Listen on mobile platforms:  Apple Podcasts LogoApple Podcasts |  Spotify LogoSpotify
AALL Crystal Ball Answer
Wolters Kluwer’s Anand Daga is our last AALL Crystal Ball response. His view of how the legal information industry will change in the next two to five years revolves around how the information is delivered to the end users. He sees things in much smaller chunks of information delivered to the researchers in shorter, practical methods in ways that value the practitioner’s time.
At Legal Value Network eXperience

Greg is going to LVNx this week and will have The Geek in Review stickers to hand out. So if you’re in Chicago at LVNx, be on the lookout and prepared to answer our Crystal Ball Question!

Contact Us:
Twitter: @gebauerm or @glambert
Voicemail: 713-487-7821‬
Jerry David DeCicca

Marlene Gebauer 0:14
Welcome to The Geek in Review, the podcast focused on innovative and creative ideas in the legal industry. I’m Marlene Gebauer,

Greg Lambert 0:21
And I’m Greg Lambert. Marlene, I’m going to be flying up to Chicago this week… my kind of town. But I’m going to be there attending the Legal Value Network eXperience conference. And I’m going to be grabbing some of our new stickers to bring along to hand out for the for the podcast.

Marlene Gebauer 0:43
Well, Greg, you will do much better on the sticker passing out than I did at ILTA. And this is the problem with having too many pocket books and tearing your house apart to find the stickers except for the one place that they are.

Unknown Speaker 0:58
Of course

Marlene Gebauer 0:58
Yes. So I am actually looking forward to some short r&r in the coming week. And you know, maybe an adventure to

Greg Lambert 1:06
good good. Yeah, I don’t have the pocket books to worry about. But what I tend to do is when I’m traveling, I put things in a jacket that I don’t wear until I go traveling again.

Marlene Gebauer 1:20
That’s the problem with too many pockets.

Greg Lambert 1:20
Yeah, it but I will tell you I have found money before.

Marlene Gebauer 1:25
That’s a good that’s a good feeling.

Greg Lambert 1:27
Yeah, that’s a good feeling. Oh, speaking of stickers, I got the artwork for the superhuman law division podcast back that I do with Joshua Lenon from Clio. And there’s an artist in Austin. He goes by ChangoATX. I love his work. So I reached out to him and asked him to do something and it came out really good.

Marlene Gebauer 1:50
It did. It did it did I really liked the artwork. But what do you think about your hair?

Greg Lambert 1:55
Well, I will tell you, we went through many iterations of the hair. And so we got it down from I looked like a really good Santa Claus with the pure white hair. I got him to darken that a little bit. It’s probably too dark. But oh, well. Oh, well. I’ll just have to get a little Grecian formula. Go and match it up. Yeah, that’s not going to happen. So well. Marlene, I know that you and I consider ourselves to be pretty special in our fields. But today we have a true diva on the show. The Data Diva herself Debbie Reynolds.

Marlene Gebauer 2:36
Yes, we do. We talk at length on the issues surrounding data access, data governance, data security, data privacy and the issues we face with data in the legal industry. Now Debbie has her own podcast, The Data Diva Talks Privacy. It’s a great show if you haven’t checked it out. But first up, we have Anand Daga to give us our last crystal ball answer from the AALL conference. We’re here What an odd has to say about how the expectation of legal researchers will change in the future. And then we’ll jump right into our talk with Debbie “The Data Diva” Reynolds.

Anand Daga 3:11
Hi, Greg, thanks for having me. This is Anand Daga Product Manager with Wolters Kluwer responsible for tax and intellectual property product lines over there. So Greg, in terms of what we are seeing, and what we are noticing in the industry is a couple of different factors that probably will come into play in how the legal research in general will change and evolve. First, I mean, in terms of the practitioner themselves, we are noticing that the practitioners expectations and how they perform research is changing in that, for example, what used to be the norms of research, treatises, long form, written text is evolving, where the expectation is that practitioners need to be led more towards simpler, more practical forms of commentaries more insightful, links to not just their practice areas, but rather links to even other practice areas that may give them a more comprehensive, holistic view of the problem kind of thing. So even if the question may be that of tax, the topic at hand made that we have tax, but they may be interested in taking a more holistic look through getting insights from the world of securities or even intellectual property, or bankruptcy, if those are relevant to the topic at hand, so that they are more well informed. So that changes how content providers package and present the data or how they metadata, for example, tag the data on the back end and how they present the data so that the workflow for the practitioner is a bit seamless. Second, from a technological perspective, of course, all of us have been reading about advancements in artificial intelligence, in API’s and what that could do for the practitioner. But of course, we as a company have been investing our resources into those with the basic idea that practitioners would like to cut down on the research time. So for systems to better understand what the practitioner is wanting to find, basically, and leveraging artificial intelligence, for example, to understand that either through the practitioners behaviors, questions of the past, or understanding what other practitioners may have done in a similar situation. So leveraging all of that to get to a better insight faster for the practitioner. And the last one that I touched upon API is basically where we are trying to enhance the workflow for practitioners. Again, going back to my earlier point about answers shouldn’t be in silos. So if I know through API’s, I could actually present a data or other insights across stacks across intellectual property, and present that to the practitioner in a more holistic fashion kind of thing, all within maybe a single tab, instead of going through six different tabs, for example. So those would change the behavior or the navigational workflow of how the practitioners go about it, saving them a fair bit of time in that process. So those are some of the changes that we are starting to notice.

Greg Lambert 6:13
Okay. I just want to follow up for you on the expectations on the research on the simplicity, the being able to link to multiple things very easily. Are you seeing that in the younger attorneys? Or is it a change across the market? What what do you think is causing that change in the expectation?

Anand Daga 6:33
So I would say the younger attorneys definitely would probably be leading that expectation and the behavioral change, because that’s what they are, both through the their own practice areas. But even generally, in terms of where the overall content providers are going, leading the change in creating more and more short form versions, whether that be the written word, or whether that be audio, everything is moving towards smaller chunks, granular chunks of data. So in that, yes, I would agree that it’s the younger generation, probably leading the charge. But of course, what one generation picks up, even if it’s a previous generation does actually latch on to that to a degree if the answer is better kind of thing. So as an example, in our world of tax, we have started over the last few years, tax essentials, which leverages some of the points that you and I just discussed, shorter, practical, more practical commentary, with a lot of examples, comments, caution, notes, bullet forms, citations, etc, inline citations. So those are all ways where we are trying to leverage the time of the practitioner in a more efficient manner. But we are noticing that it’s not the younger Gen, just the younger generation, but it’s even our more experienced practitioners who have been on our platform for many decades now. We’re starting to leverage and move more towards that style. So I think it is both it is more holistic.

Greg Lambert 7:57
All right. Anand thank you very much for taking time to talk to us.

Anand Daga 8:00
Thanks, Greg, for having me.

Marlene Gebauer 8:01
We want to welcome a fellow ABA Women in Legal Tech honoree, Debbie Reynolds to the podcast, Debbie, we are so happy that we could make our schedules work, so you could join us.

Debbie Reynolds 8:14
I’m so excited to be here. Thank you for the invite. I really appreciate it.

Marlene Gebauer 8:18
So Debbie, you are quite adept at social media. That’s how I initially found out about you even before the ABA awards. I saw your data diva posts on LinkedIn and Twitter along with links to the podcast. So tell us about that creative process and how it’s impacted you.

Debbie Reynolds 8:36
Sure. It’s really interesting. So I think for me, I decided to put myself out there on social media, and I’ve sort of done it in baby steps. So I you know, first I started with asking questions, and then I post articles and eventually we got into video and podcasting. So it seems like I’m doing a lot but I do a ton of stuff in batches and just sort of sprinkle it out on a regular basis. To me, it’s been fun. It’s been great because it’s weird in a way because I get to run into people who know me that I don’t know.

Marlene Gebauer 9:11
You’re celebrity right?

Debbie Reynolds 9:15
Oh my god. So cool. Is a great icebreaker. Yeah, it’s been wonderful.

Greg Lambert 9:23
Yeah, I think Olga Mack mentioned something similar to that a couple of weeks ago when she said people start waving at her from across the room and she’s just got now where she just waves back because they they know her or know of her. And so she has to catch up and get to know all the people that know her now. So you’re you’re in the same boat, which is not not a bad boat to be.

Debbie Reynolds 9:43
Yes, crazy. I was on an airplane once and the guy said hey, you’re the Data Diva. That is Crazy.

Greg Lambert 9:52
Yeah, have to be careful if somebody says oh, you’re one of one of the geeks whether what they really said a good thing or a bad thing that a good thing or a bad I think the bad thing. So you have noted that privacy is the new litmus test when for businesses, do you mind diving in a little bit about that by what you mean and, and what it means for the business, and what it means for that businesses’ employees as well as their customers or clients?

Debbie Reynolds 10:21
Well, what we’re seeing in the world, I guess there are two things happening. One is there is the exponential growth of technology and the types of data that is being captured. At the same time, we’re seeing a growth globally with regulations, trying to manage how businesses or organizations capture data of individuals. So these two forces, they’re not exactly aligned or in sync. And I think companies that are going ahead doing business as usual, not looking outside of their organization to figure out what’s happening around them, we’ll you know, end up in a ditch, so to speak, you know, whether they be fined for regulation, whether they start to lose customers, because they’re not really giving customers the type of transparency that they want. You know, we’re seeing companies, you know, a lot of companies in the news, being fine are seeing a lot of data breaches. And a lot of that has to do with data management, data flows, understanding what data you have, protecting the data, you have one big thing, especially in legal, you know, this is something that’s like the antithesis of the way lawyers or law firms or legal folks in the working is the conventional wisdom has been, let’s just collect as much data as possible and keep it forever. But we’re saying regulations say, Don’t keep your forever and you know, make sure you have a purpose. And so that’s a complete shift, the opposite of what people have been told to do in their career. So I think for companies when they’re handled data, I think, as you see all these data breaches and stuff, one of the big takeaways that I get for pupils keep less stuff have a good reason for keeping things, you have less data, especially legacy data. For this, you don’t need this aced out within an organization, that data has a low business value, but it has a high data risk in terms of cyber breach, and also data privacy regulation. So you’re you’re reducing your footprint in terms of the data that you keep, you’re also reducing your risk.

Greg Lambert 12:33
Something we old records managers used to preach all the time when it came to data. Of course, back in the day, it was the banker boxes full of paper that we had to send off to Iron Mountain, but now there’s just so much information out there.

Debbie Reynolds 12:51
Absolutely. You know, I love the information governance folks, they’ve been preaching this forever, you know, I always advise them, you know, information governance doesn’t sound all that sexy, but you know, data breach, people don’t like that word, or people don’t like to be fined. So they can hitch their wagon to those terms and say, Hey, what I’m doing can really reduce the risk and the cost to the company. I feel like those types of programs are getting will get more traction as a result.

Marlene Gebauer 13:18
Yeah, I think information governance isn’t sexy, but data breaches less sexy, I think. Right? And it’s funny, because you know, it is a struggle, but to sort of remove that security blanket of hey, we might need that someday. I’ve worked for organizations where there was a very big emphasis on how it was everyone’s responsibility to be aware and be smart about data security. So the message was we the employees were the best line of defense. But given some of the challenges, we were just talking about, sort of the the whole change in course as to how we used to do things. How do you bake data privacy principles into your organization of people who aren’t professionals in this area? And who, you know, honestly might not want to do it?

Debbie Reynolds 14:05
Yeah, I think, I don’t know. I feel like sometimes when people talk about privacy or security, they’re, like it’s everyone’s responsibility, but in my view, we say is everyone’s responsibility is actually no one’s responsibility, right? So no one’s gonna pick up that ball unless you’re more specific about what you want people to do. I think in terms of data privacy and cybersecurity, when people are working day to day understand, you know, the not only the contribution that individuals are making to the organization, but also what types of things they’re doing that may be subtracted, right? So having passwords that are saved, you know, maybe on posted notes or having your computer unlocked at a coffee shop or something like that you’re creating more risk for the organization. So I think giving people practical tips, but What they can personally do, like don’t click on those links, or don’t click on things that have to do with, you know, you didn’t get a hair inheritance from your long lost uncle or something, you know, don’t do that, you know, people still do that. So that’s, you know, you have to tell them no, don’t do that.

Greg Lambert 15:16
It’s amazing what you still have to tell people to do. So you know, such as, don’t put that USB drive that you found on the floor into your computer

Debbie Reynolds 15:25
It is amazing, when I look at the data breach stuff, and it’s always some something new is a new way, or new flavor was always pretty much the same thing. So it’s like, you get contacted most of time by someone who you’ve never heard of before. They want you to do something, they create, like a sense of urgency. And they want you to take action, and they want you to do it fast, right? So that’s like, those are like the three things that no matter what they say, like those are the three things they always ask for. So I tell people like don’t react don’t respond, like the world’s not gonna go on fire. The person really wants you or they really need to contact you, they’ll have alternate ways to reach you, you know,

Greg Lambert 16:09
well, there’s they’re still around because they still work.

Debbie Reynolds 16:12
Right. Exactly.

Marlene Gebauer 16:13
You know, exactly. And I will say, you know, my experience with with firms is, I mean, they do do extensive training with everybody every year about, you know, what phishing is and examples and what to do and what not to do, and how to lock your computer in the coffee shop, stuff like that. But still, I think it’s a challenge. I mean, they even test people, like they’ll send dummy things to see if you get phished. You know, so I mean, it’s good that they’re doing that, but it’s, it’s, I think it’s a lot for people to remember, you know, just in the day to day.

Debbie Reynolds 16:45
Well, and then, you know, the people who do this, you know, a psychological manipulation, right. So they play on your emotions. So, a lot of times where you’re thinking, when you’re feeling things emotionally, you’re not really thinking. So, you know, I’ve had situations where, you know, had teams go through security training, and then like, the next week or so, you know, phishing attempt, you know, they say, Oh, well, you know, these kids in Guatemala need money. So I took out my credit card, and I’m like, Oh, my God, like, where are you not listening? Oh, I can’t believe this happened. It’s like, let’s not be so so naive, or, you know, slow down, just just don’t do anything. Yeah.

Greg Lambert 17:30
I like that. Slow down, slow down, or show security guy was here in the office today doing doing that training. Marlene? So it’s it’s constant? Well, it goes back to the old adage is, the hacker only has to be right once to get in. And we had to be right all the time. So I want to talk a little bit about, you know, some of the motivating factors that have kind of helped law firms come to the realization of how important it is for privacy. And you have things like GDPR, which changed the the privacy landscape for firms. And then when we had COVID hit, and we were working remote, that was another significant shift. So let’s just kind of stand back. And do you mind just kind of catching us up on? Where do we stand currently, in terms of privacy regulation, when it comes to law firms and requirements that we’re having to face?

Debbie Reynolds 18:33
Well, you know, a lot law firms are kind of late to the game. When GDPR came out, a lot of people were kind of shocked about it, I remember I got some big corporations before it came out and like, Hey, this is a big deal. You guys need to kind of pay attention, you know, it’s gonna change how you guys do business. A lot of people didn’t believe that. But once they started, see, you know, so many different impacts so many different companies, you know, a lot of us, we’re kind of in a global market, right? So a lot of us, we aren’t doing business, just just in our town or city. But we have clients, we have data, you know, going across the borders, and so all of these things impact company. So what I’m seeing law firms now, you know, they’re creating the visuals for privacy and visuals for cyber security, doing that sort of on a legal basis. But I think there’s still a great need and a deficit of people who understand and can kind of communicate from that legal and technical standpoint, because we still have companies getting like these huge fines from doing, you know, certain things and a lot of it, it’s not because they don’t have good lawyers, it’s because they don’t know how to change the way they operate.

Marlene Gebauer 19:46
Debbie, we all saw the Alex Jones debacle unfold on TV and in the news, you know, and this is where Alex Jones is attorneys released content that they shouldn’t have and essentially destroyed their case. So how do firms avoid making that same mistake?

Debbie Reynolds 20:04
Yeah, that’s a good question. So, you know, whenever you see about these things in the news, it they make it seem like it’s kind of some gotcha moment, like, everything’s perfect. Everything’s going perfect until there’s one thing happened. And then all hell broke loose. What really happens is that, you know, especially in a discovery situation, bad things snowball. So a bad thing happens, it gets worse, you know, the longer it goes. So there are kind of a multitude of failures that have to happen for that this to happen. Especially, you know, we know, you know, in this particular case, I think in Texas, they had clawback provisions. You know, the other counsel said, Hey, you guys turn this over, and they were supposed to have 10 days to reply, they did, and, you know, so there’s some failsafes in there, you know, obviously, there should have been more, you know, some technical folks in there like say, Hey, don’t do this, or the stuff that you don’t want going to other people should be totally separate from stuff that you do want to go to other people. So being able to have like a proper attorney review, and being able to segment and bucket that data in a way that is it is Kent, you know, you have to create methods and procedures or process in place, so that stuff just doesn’t get out. And so none of those things seem like it happen. So I don’t think it’s a gotcha moment. It’s like falling from a tree and hitting like every branch on the way down, that’s pretty much what happened.

Greg Lambert 21:30
Back in the early days, you know, we had to worry about our computer, which basically stayed in our office. Now, we all have laptops, and even worse, we have mobile devices. And those things are constantly coming out with new changes, new updates. And in fact, iOS 16, just come out. And one of the features that they’ve set up on that is that it allows within a certain period of time to recall and edit capabilities on iMessage. Now, so I don’t know if you’ve been able to dive into that. But I’d like to get your opinion on, you know, is that going to have any type of impact on preservation requirements when it comes to litigation?

Debbie Reynolds 22:21
Ah, yes and no. So I don’t know, I guess sort of like a Snapchat, is Snapchat, the app that has things to disappear?

Greg Lambert 22:35
Yeah, after 24 hours or something? It goes away.

Debbie Reynolds 22:37
Yeah. So when they say it disappears, it really doesn’t so. And the discovery sense, I mean, that may give people a false sense of security, or they say, phew, I deleted that, or whatever. But in order for that system to work, it has to be stored somewhere, right? Even temporarily. So I think, you know, delete, it doesn’t mean delete it, especially depending on how you get those messages. So you just because you don’t may not see it doesn’t mean it doesn’t exist. So I think probably there’ll be more situations where people will use that feature, or misunderstand what that means. I think that, you know, we’re seeing, especially in things like Snapchat and other types of femoral message apps, you know, those things do exist still, even if you may not be able to see it within your app, or what you’re doing.

Greg Lambert 23:30
Have you seen any type of technology that really has had a bearing on eDiscovery?

Debbie Reynolds 23:37
Definitely, you know, text messaging, you know, I remember when people didn’t want to capture data from phones, even though a lot of people were doing stuff on phones, right. So it took a lot of people a long time to go, oh, you know, we’ll just call, we just collect people’s, you know, laptops or whatever. And it’s like, well, people actually do stuff on phones, and there’s data there. So I think just having a phone, phone is basically your computer in your pocket. So thinking of it that way, knowing that it has data on that way, I think is interesting, but then also kind of one of the newer wrinkles that are coming up as IoT devices, Internet of Things devices, so smart speakers, or different types of devices, that you have the track information, you know, those those devices may have data that’s discoverable as well. People may not be thinking about that.

Marlene Gebauer 24:32
I mean, it’s it’s true when you think about you know, if like, if anybody who has like Alexa and in their homes and who’s controlling, you know, sort of using Internet of Things like to kind of control their heating or cooling and their refrigerators and, and whatnot. There’s a whole bunch of data that I guess is able to be accessed, that is accessible from

Debbie Reynolds 24:56
the data everywhere, right? So I think from With discovery standpoint, it just it opens up a world of possibilities that you know whether that’s good or bad in terms of data types of the types of things that you may need to capture you want to capture for a particular case.

Greg Lambert 25:16
I’m just curious. I know this isn’t on our list of questions here. But I’m going to hit you with an anyway, it because we’ve talked about things like Snapchat, we talked about text messaging, I’m sure we’ve implied things like WhatsApp, or there’s this data encryption. Have you taken a dive into the new Facebook metaverse? And how communications may apply in that type of environment?

Debbie Reynolds 25:41
Yes, so I actually work with an organization called XR exci. And they do standards for augmented reality, virtual reality, mixed reality men diversity type things. So I run their compliance part of their program. So compare different laws or gaps and laws around how people interact in immersive environments. So it’s a huge deal. I think people don’t realize, you know, when Facebook name themselves met, and they sort of, you know, they kind of brought that word Metaverse into kind of normal parlance. But, you know, the metaverse isn’t gonna be about Facebook. And companies like Facebook, so meta versus about devices and sensors that are monitoring and tracking information about you. Even though a lot of times when people talk about it, they talk about more of a kind of a consumer type of device, you know, like a goggle that you wear, and that’s despite, you know, I think those types of uses won’t be have as much traction as the other things are being developed that people aren’t thinking about. So, you know, there are Metaverse applications for things like, let’s say see, help helping Spartans simulate surgery so that when they operate on a real person, they don’t kill people. You know, companies using it for trainings, let’s say you went to a training session, instead of looking at a video or something, you may roleplay you know,

Greg Lambert 27:20
exactly what I was thinking that those those guys got awful cringy moments where they make you roleplay in right, sexual harassment.

Debbie Reynolds 27:29
Yeah, so you do that you’ll do that. Or, you know, I’m seeing, you know, or education. So there are going to be a lot more. So I see a lot of use cases that are coming up in education, medical, and even job stuff. And so, in that, that way, you know, I think people won’t be able to avoid the metaverse and for me, I think, you know, a lot of times we think about it, they think about kind of virtual reality type. But I think more interesting play is kind of the augmented reality. So maybe wear goggles to have like an overlay of something that you can see or importing information or saying, hey, gray, you’re walking past the drugstore, you have like prescriptions of pickup are solid, you know, so weird and wacky things like that. You know, I think that that those are the types of things that probably will end up getting a lot more traction.

Greg Lambert 28:29
Yeah, I imagine it’s just like everything else. It’s not going to be an introduction of something just out of the blue. That’s so new. It’s going to be a gradual, little bit by little bit. And all of a sudden, the next thing you know, we’re in that in the metaverse, I did have one follow up question to that. And that is who’s going to be in control of the data? And is there any any word that you’re hearing right now as far as governments or self regulation for the industry on how to control that?

Debbie Reynolds 29:07
Yeah. It’s very wild west right now, you know, I’m working on Metaverse privacy standards. And so there aren’t, you know, a lot of local laws unfortunately, get implemented because of some harm that happens, right? So some bad thing happened and we pass a law, the problem with these types of technologies that you can’t really wait for something bad to happen to pass a law, right. So there may be situations where there really is no adequate legal redress for harm that can happen to someone in an immersive environment, you know, like someone’s Pokeyman go and falls off a cliff or some crazy thing like that. I don’t know. But I think you know, we’re, we’re facing a challenge that maybe we never faced before. So being able to have standards in place, have companies that are developing these tools, try to build private See, and you know, in their design of products, and they’re also companies, they want to implement these types of technologies, they really need to look closely at how they’re trying to do this implementation and make sure that they’re, you know, transparent with individuals and also try to find the best ways to mitigate the potential harm.

Marlene Gebauer 30:20
So I’m going to shift back to law firms but but specifically, sort of people who are beginning their careers in law firms. So the digital natives, these folks are very used to sharing data as a normal part of life, I think perhaps, their idea of privacy might be different than someone who’s been in firms for a longer time. Now, when they come into a legal department or a law firm environment, do you find that there’s that there’s a struggle with some of the restrictions that are put upon them? Or did they find some of the rules challenging? And how do you deal with that?

Debbie Reynolds 30:59
That’s a great question. One thing that I’ve noticed with digital natives is that they’ve been accustomed to the the ways that technology makes their lives easy, right? Well, we know the data on the backside is not easy, right? So, you know, I’ve had people say, Oh, the cloud is easy, we’ll throw stuff in there, and we’ll all our problems will go away. So I actually have the same problems. They’re just in the cloud, you actually have more problems. So you know, the idea that this somehow your consumer facing experience is kind of all there is to know about data and data collection. And that risk, I think, is a misnomer.

Marlene Gebauer 31:42
Yeah, I would have to agree. You know, my son talks about friends like, oh, you know, they bought clothes at this site. And I’m looking at that site. I’m like, no, no, you’re not gonna buy anything from there.

Greg Lambert 31:56
Yeah, but I think you’re right on the fact that and I’ve always said that what we consider digital natives are just people that are more comfortable on the user side of technology, right? Not necessarily on understanding the technology, but just using the technology. So I like how you, you phrased it, in the fact that they understand it, and as a consumer, and as the how it’s made their life easier. That’s a good way of putting it because I always think people, my age or older, tend to think, Oh, well, they you know, they’ve grown up with this technology, they understand it, and it’s like, well, now they just know how to use it. They don’t understand for certain

Marlene Gebauer 32:38
things. They know how to use it, you know,

Debbie Reynolds 32:41
right? Yeah, I remember Oh, my God, this was so long ago, I guess this is when I pause came out, right? Ready, the first iPod? And I was discussing a data move, right? So we had like, tons of data to have to copy from one location to another. And it was, you know, as you know, those are very time consuming. And actually, I had a lawyer tell me, Well, I can download 1000 songs on my phone on my iPhone, or I Pyles. iPod. The iPhone is worn out by them. So I find I’ve lost like, look, this is not the same thing. Right, we’re not even talking in the same universe of data. So yeah, that wasn’t a very good now.

Marlene Gebauer 33:32
I think we all we all get it and sort of understand those conversations where it’s like, yeah, it’s it’s easier than we, then you think it is? Because of, again, what you what you’re used to, from a consumer standpoint, and it’s a different situation

Debbie Reynolds 33:50
all through? I’m sure.

Marlene Gebauer 33:51
So Debbie, I know you belong to a number of boards. And why is it important for women leaders to be on boards? And how do they get on them?

Debbie Reynolds 34:01
Wow, that’s a great question. Well, first of all, it is important for women leaders to be on board. I have some friends over in Europe, where they insist that that boards have a good, you know, not just one woman, but you know, multiple different blends of people on board. So I think people who are on boards need to really do that advocacy and really reach out. I think if you’re interested in being on a board, you know, reach out to people who are in the industry that you’re interested in and say hey, how can I do this? I’m interested in this and you’d be surprised how many people will be open to it. What I found is that a lot of type of board positions, you know, a lot of companies they don’t really go out and do any deep look. They just sort of grab people that they know and toss them on boards, right? So if you know people who are either on boards or are with companies that you’re interested in, you know, reach out try to develop a relationship let them know You know what your interest is, you never know, you know, you may end up on a board or an advisory council. I also say, for people, you know, there are organizations, one organization I’m involved with is EDRM. So I’m a privacy advisor for them. And so I like EDRM. And organizations like them, because you know, they’re not for profit organization, they run a lot of different programs. So like, let’s say, they’re writing a paper on a particular topic, or they’re doing a presentation. And so people kind of come into those situations and decide they want to collaborate on something, you really get to know people outside of your organization when you do those things. And also, you’re creating work. So you’re putting content out into the universe, things that you can point to in the future, hey, I collaborate on this, this model for you know, eDiscovery, in the metaverse or something like that, you know, so those are always really cool things to do. And I like it. Because for people who don’t want to do do a gargantuan effort is like, everyone splits up the work that works together. So it helps,

Marlene Gebauer 36:14
I think there might actually be some good opportunity for people who are involved in, you know, privacy and cybersecurity, because I think I heard that like New York, and maybe some other states, like they’re revising some of their guidelines, and I think they’re saying that boards of directors either have to have a cybersecurity expert or work with a third party, that is a cybersecurity expert. So, you know, people like you, you know, are gonna are gonna have have a multitude of opportunities to to be part of boards, I hope.

Debbie Reynolds 36:49
Yeah, they’re getting a no, no, the US seems to be very prescriptive, and how they write law. So a lot of these aren’t like, oh, maybe it’s great that you have this, you know, I’ve seen a couple of the things, especially like, in the financial area are like, yeah, you need to have a one, you know, one person that knows this, this stuff about FireWire, you don’t fare really very prescriptive about it. So I think what they’re trying to hit office is situations where a company gets in trouble. And then you know, you know, they they get investigated, and they’re in court, and they’re like, Well, I don’t know what the hell happened, you know, so. So they want to make sure this that, that organizations have someone, either internal or external that knows what the hell is happening. They can ask for questions. Yeah, it can’t just be like, I don’t know what happened. I, you know, ever no one knows. So yeah, find someone who knows, that’s what they want.

Greg Lambert 37:44
So we’re at the part of the show now, where we ask our guests what we call our crystal ball question. And so Debbie gonna going to ask you to pull out your crystal ball and kind of peer into the future for us and let us know, what you see in the next say, three to five years, when it comes to cybersecurity and privacy and the law? Well,

Debbie Reynolds 38:10
I think that there’ll be so many more regulations around privacy, more than we have right now, at the state and federal level in the US. I think that you know, the growth of technology. Right now, it’s going to be, you know, from here from now, the next few years, there’s going to be an exponential growth in technology. So, you know, we see stuff with iOS, I think it’s iOS 16. In iPhone 14, they may have like satellite, you know, relay for calls, you know, which will be really good. But that brings all types of privacy concerns that that satellite folks never have to deal with until stuff like this. So I think, you know, the data is gonna continue to grow, the technologies kind of grow exponentially. The regulations will try to keep up, we won’t keep up. But you know, I think those things are definitely going to happen. So I think, you know, I’m hoping to see more transparency for individuals, but I think it’s just the landscape is gonna get this so much more complicated than it is right now.

Greg Lambert 39:16
Well, Debbie Reynolds, thank you very much for coming in and sharing your insights on security with us. We appreciate you coming on.

Debbie Reynolds 39:25
Well, thank you. I enjoyed the conversation. I love to chat with you guys. Anytime.

Marlene Gebauer 39:29
Thank you.

I always love having data privacy people on the podcast because, you know, I Oh, it always gets me going is like in terms of, oh gosh, you know, do we actually have any privacy anymore? I don’t know. And you know, I appreciate that. People like Debbie are are trying to make it clear to us like what we can do to to protect ourselves and our organizations.

Greg Lambert 39:54
Yeah. And she’s got a great podcast, the data diva talks probably Have a seat podcasts great. And I actually listened to a few of those. And one of the things and it’s kind of dovetails to what you just said, and I probably should have should have hit her with the question while we had her was that we tend to think that Americans have given up on privacy, that there’s just so much of their information that’s out there that they feel like they throw their hands up, because there’s no control over it. Except that when companies do make an effort to protect privacy, those companies tend to get rewarded for that. And I think Apple is a good example, when they came out with some additional security measures of where they what they would and would not do and how they push back on certain companies. Their usage actually increased specifically because of that. So you know, don’t bury Americans in their in their privacy beliefs just yet. I think it is something that that we would like to see a little more consistency, a little more openness on what what of our information is being out there. So hopefully, I know, she talks about it on our podcast. I know she works with companies on on doing that. So it was great. Having Debbie come in and talk with us

Marlene Gebauer 41:14
today. I won’t give up yet. Thank you, Debbie. And thanks to all of you for taking the time to listen to The Geek in Review podcast. If you enjoy the show, share it with a colleague. We’d love to hear from you. So reach out to us on social media. I can be found at @gebauerm on Twitter,

Greg Lambert 41:31
And I can be reached @glambert on Twitter, or you can leave us

Marlene Gebauer 41:35
a voicemail on The Geek in Review Hotline at 713-487-7270 and as always, the music you hear is from Jerry David DeCicca Thank you Jerry.

Greg Lambert 41:45
Thanks, Jerry. All right, Marlene, I’m gonna go scrub my data.

Marlene Gebauer 41:48
Scrub away. Bye!!