Data Protection & Tech Advisory
The world is a’changing, and so are the rules of engagement. Privacy and data protection, information security & compliance with the legal rules and regulations that concern them are no longer “nice to haves”, but must-haves. I can help. Whether it’s understanding the laws and all their complexity, building up a data protection and security program, assessing risk, or building in meaningful privacy by design, I can help you do it in a sensible, practical, and realistic way.
My goal is to help you move away from privacy theater and help make privacy real.
Writing & Speaking
I write and present a lot about the intersections between technology, law, policy, and the unintended consequences that occur when people move fast and break things. I’ve written for GRC World Forums, Techdirt, and speak regularly about this stuff. I write most regularly on LinkedIn and Substack.
To get an idea of my style, you might want to check out one or more of these articles:
- Welcome to the Splinternet
- Data Protection Myths that Continue to Persist
- What Happens When Everything Becomes Inferable?
- On Fractal Complexity
- Beyond Privacy Theatre, or Why Our Laws Mean We Can’t Have Nice Things
Core Competencies
Implementing privacy / security by design & default | Data protection / privacy impact assessments (DPIA / PIAs) |
Risk assessments of novel tech (AI, ML, privacy-enhancing tech, blockchain, facial recognition) | Writing & Advisory |
Data subject request handling & support | Data breach & incident response management |
Why You Should Work With Me
- I deliver pragmatic, road-tested & realistic results without the BS, scare tactics, product shilling or absolutism.
- I’m product/service agnostic, so you won’t get a hard sales pitch to buy a new shiny piece of software or SaaS solution you don’t actually need.
- If you don’t have the resources (yet!) to hire a privacy team, I can offer a cost-effective solution to help you meet legal and regulatory obligations without spending a fortune.
- Working with me ensures that your organization bakes privacy and security best practice into your products from the start, because playing catch-up sucks.
- I can help do the boring, but entirely necessary stuff that your organization needs to do, but makes peoples’ eyes glaze over.
- People actually like me because I’m pretty good at making sense of all the hard stuff — I don’t spout legalese and will tell you what’s what. No bullshit.
- When I don’t know something, I work with some brilliant minds who probably do.