Episode 67

full
Published on:

14th Mar 2023

5 Secrets Of A Top Performing Privacy Consultant

Unlock The Roadmap To Become A Successful Privacy Consultant

Are you a current or aspiring Privacy Pro looking to pivot your career to become a Data Privacy Consultant?

This episode has all the information you need to thrive!

Hi, my name is Jamal Ahmed and I'd like to invite you to listen to this special episode of the #1 ranked Data Privacy podcast.

In this episode, discover:

  • Tips and strategies to create a thriving career as a Privacy Consultant
  • What makes consultancy roles dynamic, challenging and exciting
  • Why a tickbox approach to privacy is detrimental to success
  • Why every Privacy Pro should learn about Privacy Enhancing Technologies

Don't miss out on this valuable conversation that will take your privacy program to new heights!

Tahir Latif is an Experienced senior leader and advisor currently directing a global team of Data Privacy experts, engineers and delivery specialists with deep experience maturing Data Governance and Information Security practices to identify and achieve regulatory compliance goals in Banking, Insurance, Education, Health Sciences, Industry 4.0, Telco, Manufacturing, Energy, Aerospace industry verticals.

Follow Jamal on LinkedIn: https://www.linkedin.com/in/kmjahmed/

Follow Tahir on LinkedIn: https://www.linkedin.com/in/tahirlatif101/

Ready to become a World Class Privacy Expert? Book your call to join the World's Leading Privacy Program


Subscribe to the Privacy Pros Academy YouTube Channel

► https://www.youtube.com/c/PrivacyPros


Transcript
Tahir:

You can't just get into privacy by putting in half an hour a day. You have to really want to make the change. I heard an interesting quote just last week, and it's saying, use your evenings and weekends to change the life you have, not to escape the life you have.

Intro:

Are you ready to know what you don't know about Privacy Pros? Then you're in the right place.

Intro:

Welcome to the Privacy Pros Academy podcast by Kazient Privacy Experts. The podcast to launch, progress and excel your career as a privacy pro.

Intro:

Hear about the latest news and developments in the world of privacy. Discover fascinating insights from leading global privacy professionals and hear real stories and top tips from the people who've been the way you want to get to.

Intro:

We're an official IAPP training partner.

Intro:

We've trained people in over 137 countries and counting.

Intro:

So whether you're thinking about starting a career in data privacy or you are an experienced professional, this is the podcast for you.

Jamilla:

Hi everyone, and welcome to the Privacy Pros Academy podcast. My name is Jamilla and I am the host of the podcast. With me today is my co host is Jamal Ahmed, Fellow of Information Privacy and CEO at Kazient Privacy Experts. Jamal is an astute and influential privacy consultant, strategist, board advisor, and Fellow of Information Privacy. He is a charismatic leader, progressive thinker and innovator in the privacy sector who directs complex global privacy programs. He's a sought-after commentator, contributing to the BBC, ITV News, Euro News Talk Radio, the Independent and The Guardian, amongst others. Hi, Jamal.

Jamal:

Jamilla, how's it going?

Jamilla:

I'm good, thank you. How are you?

Jamal:

I'm good. I just wanted to say congratulations for your engagement.

Jamilla:

Thank you.

Jamal:

Very happy for you.

Jamilla:

Thank you so much.

Jamal:

And thank you for the wedding invitation. I'm so excited.

Jamilla:

You're welcome. I was going to say, if anyone's listening and they've not been invited, well, it's your own fault.

Tahir:

I haven't been invited Jamilla and I'm all for a wedding in Cardiff.

Jamilla:

It's going to be in London.

Tahir:

I might be busy.

Jamal:

For everyone who's listening whose hearts have been broken well, guys, you didn't take the opportunity. You had the chance.

Jamilla:

Well, thank you for that. See, now I'm all flustered. I can't continue. Right? So, our guest today, we're delighted to welcome Tahir Latif, who is an experienced senior leader and advisor currently directing a global team of data privacy experts, engineers and delivery specialists with deep experience maturing data governance and information security practices to identify and achieve regulatory compliance goals in banking, insurance, education, health sciences, industry 4.0 , Telco, manufacturing, energy, aerospace and aerospace industry verticals. Hi Tahir. How are you?

Tahir:

Hi, Jamilla. Hi, Jamal. Thanks for having me on.

Jamilla:

Thank you for joining us. I realized that whole bio, I didn't put a full stop in, so I hope I managed to do that in one breath. Okay. As we always do on the Privacy Pros Academy podcast, we start with an ice breaker question. And this one came to me while I was in the Natural History Museum. Which dinosaur do you think would taste best in a burger?

Tahir:

I have very limited experience of dinosaurs. Everyone's favourite after Jurassic Park, it's got to be the TREX burger.

Jamilla:

Yeah, I see that. I was thinking if it was like a chicken burger, then something like a pterodactyl because it flies. So, like pterodactyl wings, I think would be nice.

Tahir:

Yeah, that'd be a big wing.

Jamal:

Interesting. I'm not even sure how many of those I could actually do on my halal diet, but you can do the research and find out.

Jamilla:

I was wondering this. If they're vegetarian, would they technically be halal?

Tahir:

No.

Jamal:

All right, so no dinosaur burgers for me.

Jamilla:

Let's move on to the privacy questions. Tahir, tell us more about your life as a privacy consultant. What does it involve and how is it different from if you were just employed as a DPO, for example, for one organization?

Tahir:

This is coming into my 13th year as a privacy professional now, which the first seven were in consultancy, and then the last two were in consultancy. So I had approximately five years in between where I was working on what we call client side. It's exciting being a consultant and because every day you have new challenges and new clients. So we have requirements from existing clients who want to improve either their privacy posture or their program, or we'll have new requirements coming in. When you were reading out my bio earlier about all those sectors, one of the benefits of working in a consultancy is really cross sectoral engagement knowledge and to become an SME within those sectors. Right. And that's something that if you were, for example, as a DPO for a bank, you wouldn't have knowledge of the travel and tourism industry, you wouldn't have knowledge about manufacturing, you won't have knowledge about the latest innovations in AI coding and algorithms. So the challenges for us are that every day we as privacy professionals have to apply our knowledge to new scenarios. And those challenges can sometimes be greenfield regulations such as the Middle East, but for a different sector, semi governmental, and the type of data that they need to protect and process. Or it could be an existing client for a new client in a very mature jurisdiction, but they're doing something really innovative, such as federated data platforms, data vaults, data sharing that require a lot of innovation and application of the regulations in order to make that client compliant, but also to be able to proceed with their business.

Jamal:

That's a great insight into the life of a typical consultant, Tahir and I know you've been doing this for such a long time, and the thing I love most about consultancy and why it's important that we aspire to become consultants is when you are a consultant, you have to be on top of your game. You can't stay stagnant. You have to know about the latest developments. And the other benefit to your clients is you actually get to learn different things from different sectors, and you can try those things in other sectors where you think this could actually work. But if you're just stuck in one sector, you kind of become a little bit blindsided, or you have tunnel vision. You only see things running. And the beauty of working as a consultant is you have all of this cross industry experience. You have experience of working with clients from different countries at different stages of the program. And through all of that, it makes you a much more valuable and much more holistic privacy pro, which means you can add immense value to any privacy program, regardless of the challenge. And the other great thing about being a privacy consultant is that you actually get to work with in house teams, and they may already have a DPO, they may already have lots of privacy resources, but they're relying on you to bring a specific expertise that they don't have because they've remained tunnel vision and stagnant. And that's why consultancy pays so much better, and that's why the work is so much more rewarding and so much more fulfilling. And of course, if you are fortunate enough to land yourself a role like Tahir, you get to travel around the world as well. Tahir, tell us more about some of your travels.

Tahir:

ope with GDPR coming up since:

Jamal:

Sounds really glamorous. Hopefully you'll give me an invite to your private jet one day soon, we can fly together and serve some people. Tahir what I want to understand is from our engagements, when we've met at conferences, when we've had dinners together and when we've just generally had a little bit of fun, one thing that stuck out to me and you both is we both have this passion for helping people develop and becoming privacy pros, regardless of whether they have a background in privacy or not. And we’re really committed to making sure we do everything we can to help those. I do it through the Privacy Pros academy, you do it through your own personal time, and you have lots of mentees who have been doing really well. What would you say are the three key qualities that help somebody make that jump and be really successful?

Tahir:

Well, firstly, they have to be driven if they want to make a career change. They have to have it within themselves in order to put in the time to read through a lot of new material, pass the relevant examinations, which are very important. The IAPP examinations, which are the global standard for privacy professionals, they need to have patience because you can't absorb and become a privacy pro overnight. It is a journey just to get through. Your first examination may well take up to six months. The CIPPE if that's the one you want to take, is quite intense. And then beyond there is constantly learning how you can apply the knowledge to real world situations. Right? So it's a journey. You have to be driven. You have to be able to onboard and absorb and understand new information, and then you have to be able to translate that information into a practical and applicable environment. Surrounding yourself with like minded individuals is very important. All of us are part of a privacy network globally. You reach out to anyone on LinkedIn and guarantee they will be connected to you via two other individuals. Right? So there's about approximately 100,000 privacy professionals globally now. It's a growing profession, and it's one that you can still join at any stage of your career. You can change careers. You don't necessarily have to have a law degree. You need to have the passion take on board the information, learn, be studious and then go out and network and show your passion, show your knowledge, and then hopefully you'll get that first opportunity.

Jamal:

Wow, awesome. Super valuable tips there. At the Privacy Pros Academy, we actually help driven individuals either pivot their career into privacy professionals or to actually take their career from where they are to the next step. And oftentimes we help the senior people to really identify where they're lacking and really fill those gaps so they can become recognized as the go to people in the industry. And it's really interesting what you said, because there are seven types of people we don't actually work with at the Academy. Would you like me to tell you about those seven types?

Tahir:

Yeah, sure, please do.

Jamal:

I'll tell you about them and you can tell me what you think.

Tahir:

Seven types? You’ve done your data analysis?

Jamal:

Yeah, there are seven types I refuse to work with at the Privacy Pros Academy.

Tahir:

Refuse, that’s a harsh term.

Jamal:

The first type of people is, they're complacent. I don't work with people who are complacent. So if you're content with being average or mediocre and you lack the drive to push yourself to new heights, then our academy is not for you. We work with individuals who are determined to excel in the field of data privacy and make a real impact. What do you think of that?

Tahir:

Yeah, I'd agree with that. You can't just get into privacy by putting in half an hour a day. You have to really want to make the change. I heard an interesting quote just last week and it's saying, use your evenings and weekends to change the life you have, not to escape the life you have. Because that's often how we spend our spare time is downtime. But use that time instead to gain new knowledge. Right. And if you're not in privacy to acquire the knowledge and skills and to do the networking to get into privacy, that knowledge and those jobs will just not land on your doorstep. You have to be proactive. Everyone wants to strive and do better. And one of the questions I ask is, have you updated your CV? Are you actively applying? Oh, no, we thought we'd wait. I said, well, by waiting, your dream job or your best possibility may have already passed you by. There's only so many roles of us, a growing market. There's only so many roles per year, per month in privacy, and each month you delay that's another role that you've possibly missed out on that may have been perfect for your environment. Jamal, I know one of your mentees is quite a few of your mentees are from the NHS. When you try to get into privacy in the NHS, they ask you about your NHS experience. What knowledge do you have within working with a health authority? Within any kind of health care provider, a trust or something similar? Those individuals are ideally placed to bring the NHS experience and whatever they're doing and translating that to say now we have the privacy knowledge, now we can put together the pieces of jigsaw and we are well placed for this position in the NHS. And I know they'd like to hire internally also, but you can't simply sit back and say, well, they'll reach out to me. They'll find me on LinkedIn. Why? You're one of thousands that are looking for new opportunities. And in terms of learning, I'm still learning. Our profession is so dynamic, every day something new comes out and we talk about being a consultant. We have to be very up to date, be very relevant. We are looked at being thought leaders, providing thought leadership. So simply saying, I wasn't aware of that, I don't know about that. Continue your learning journey. Even when you get into the career, carry on learning and continue your certifications. I'm still getting certified on other IAPP examinations.

Jamilla:

I guess you have to be really self motivated to be a consultant. I'm just thinking of the transition when I started my PhD from being in employment and doing a PhD. You just have to do everything yourself. And being a consultant, I guess, is the same way. Because if you don't do it, it's not like you've got someone else to pick up the slack or you haven't got someone who's always going to be there going, oh, where's this? Why haven't you done this? You have to be that for yourself. I think that mindset shift can be very difficult.

Tahir:

Yeah. Going from working on client side to working for consultancy. It's a challenge. Nevertheless, it's an exciting challenge. Yes. You no longer have the support of your wider internal team. You will be part of a team and that team will be there to support you. But if you have a statement of work for which you have to deliver on, and you have set milestones and criteria, there will be someone looking over you, Jamilla. But they'll be saying, where is this work? This is the deadline date, when can we expect it? Has it met the quality criteria? Is it fit for purpose? Has the client signed it off yet? And all of that is for you to plan accordingly. What? You'll have the statement of work, you'll have your milestones and you have to deliver on those milestones. Of course, depending on who you work for and the size of the consultancy, you could be in a project by yourself or you couldn't be in a project with 20 of your colleagues. But your defined deliverables are up to you and those timelines are very rarely pushed back. When you work internally, it could be, well, we'd factored completion by the end of March, but we've come across some problems. We've talked about it internally, now we'll push it back to July. That very rarely happens in a consulting project unless it's at the request of the client.

Jamal:

Yeah. When you're taking a piece of work. You ask the client to trust you, and they say, yes, I'm happy to bring you on. I need this done by this date, and it's up to you to go make it happen. The reason why it's so fun and exciting and energetic is because you're always challenged. And that goes back to Tahir's first point, that you have to be driven. It's not for people who want to be mediocre and who want to be complacent. And that's why we don't work with people who actually are complacent. Now, the second type of person we don't work with is those who are non-committed. So our academy is not for those who are just looking to pass an exam and look smart. We're actually looking for individuals who are willing to invest their time, invest their energy, and investor effort into becoming true experts in data privacy. Why is that important Tahir?

Tahir:

It follows on naturally from complacency. Right. Complacency is not knowing and not willing to put in the time and effort. Commitment is what will get you through to your goal. Right? You've started the journey. Now you have to commit. Now you've as part of your sort of academy. And also my mentees, if I don't see ongoing commitment, I know they are not going to make that transition from one career into privacy. Not following up on sort of weekly catch up calls that most of my mentees have a 30 minutes call with me every week they miss one. It becomes a habit. Oh, something's cropped up. And then you think, well, we all have lives outside of work, and we all make choices. And that choice could be to watch a Netflix box set at the weekend, which we all deserve, and we all do, Jamilla is smiling. Or it could be, well, this weekend I'm going to put 6 hours in to learning about international data transfers. What are the regulations? What are the updates? What is the EDPB guidance? And are there any questions on this, on the IAPP exams or anything else that even if you're already in your career, how to stay on top of your career and top of your knowledge, and that requires ongoing commitment. Everything I do is about privacy and learning more because the learning journey does not stop. You can't say I'm now CIPPE, I'm qualified. I'm about to start a job. Great. Yes, you may do that. But as you mentioned, your learning and your mindset will become stagnant. You'll know what you know, but you will not know about everything else that's happening in the world of privacy and all of the challenges that we're now facing as privacy professionals.

Jamal:

Yeah. And the other reason why I don't work with the non-committed is because I get lots of questions on LinkedIn a lot of the time from people asking questions for clarification. And some of these people have lots of alphabet soup after their name. Right. Yeah, they got CIPPE, CIPM, FIP whatever it is, and they say they've done training with other people and they still don't get the basics. They ask me basic questions around the territorial scope of the GDPR. I can see they've got the letters FIP after their name and they've said they've trained with somebody else. And I just found that, like, how can that be possible? So the reason we don't work with noncommitted people, who just want to pass an exam is because I never want anyone who's trained with us to embarrass the Academy by asking basic questions when they've been through our training program and when they've been certified. So we make sure we only work with people who actually want to become true experts in data privacy so they get a real clarity and real understanding and they're confident in their knowledge and they're not going and embarrassing themselves and the people they’ve trained with on LinkedIn by asking such basic questions, even though their certifications and their credentials say something else, because I think that's doing a disservice to everyone. So imagine I knew nothing about privacy. I'm an employer and I've just employed somebody. And what I understand from doing my research with HR is they say, this is a certification. This is the go-to certification. Anyone that has that knows their stuff, I hired them in, we were about to do a deal, and they don't understand what they're doing. They make it wrong. So now I'm thinking, hang on, this CIPPE certification, it doesn't mean anything because I've hired this person who has this, and they clearly know nothing. So it does a disservice to everyone in the industry. The people who are working hard, the people who are putting their time in, the people who are committed, the people who are driven. When you get those people who just want to pass an exam, they make everyone else that has that certification look bad. So we want to stay away from working with people like that because we're dedicated to making sure that we're actually elevating the industry rather than bringing it down.

Tahir:

It's good that you're deciding who to work with at the Academy, because that same cohort will have the skills, the credibility, and the right ethics and mindset to go forward and to get a job at a really top employer. Employers don't just look at your qualifications, they look at your applicability and knowledge. If you've just passed the exams and you say, I've never worked in privacy before, that's absolutely fine. We all need our first opportunity, Jamal right. But if you try and present yourself as a privacy professional, which, unfortunately, I do see happening more and more often now, having passed the examinations, but no real knowledge and depth of understanding of what privacy is. And assuming privacy is just a set of controls that are tick box, I'm not sure how many of your past mentees and graduates Jamal have said to you, have you got a tick box that I can just go through to ensure that a client or my employer is GDPR compliant? GDPR is risk based, not necessarily tick box and rules and controls based. Right.

Jamal:

To answer your question Tahir about how many of our graduates and mentees have been requesting tick box exercises or templates, the good news is, by the time we go through the program, none of the privacy professionals that we work with need any templates. All they need is the actual understanding and the clarity of what the requirements are and how to operationalize that into practice. And what we do with that is, you know, you’ve heard me talk about this before is our C Five methodology. And we teach them how to take a step back and go through the principles and use that as their compass backed up with the C Five methodology. It's on LinkedIn, where we get those people who are trying to look smart, who think it's a tick box exercise, saying, hey, have you got a template for this? Can you provide me a checklist for this? Oh, give me a template for that. And the problem is, when people try and take a template approach, they're actually doing everyone a disservice, because no two companies operate the same way. And there's a really famous case in the US. There was a company who took a privacy notice of another company, and they copy and pasted it, and they used it for their own. Now, the thing is, the privacy notice, the original was actually a great privacy notice for that company that created it, because that's what they did and how they did it with data. The company that copied and pasted it and just made some edits and replaced their name with it. They didn't actually process data in that way. So even it was a great privacy notice, you can't use templates in this work, and working as consultancies, people think, oh, it's just taking a template, running the same thing ever again. No, it's not. We go and we get the clarity. We understand what the business is doing, we understand what they're trying to achieve, we understand how they operate. Different parts of the world have different cultures, they have different expectations, and we bring all of that in, and we are provided. We create frameworks, and then we deliver within those frameworks.

Tahir:

Yeah, that's correct. Again, it depends on your employer, on your sector, and your specific role. But simply trying to find the answers through existing templates generally doesn't work in the world of privacy. No two privacy notices are alike. It's your own purpose for collecting that data. Who do you share the data with? Well, you can't possibly share the data with the same companies. You may be very lucky to share it with one or two. You may share data with Google, no doubt, or through any other sort of analytics provider. But your notice will be, particularly to you, similar to your data discovery exercise. How do you know the data you've got? Have you been through that? Have you been through your exercise either manually or using some kind of technology and then using that to put together your records of processing activity? Yes. Your ROPA can very much be a template. Right. You can start off with a base template of what a ROPA should look like, but then you bespoke it for your own organizational needs. Your policies and procedures will all be bespoke to your organization. Your data subject access request will only be based on the data you hold. Your retention and destruction policy will be based on those business processes that you carry out and the data you hold, and the sector you're in, and any other applicable regulations that are in place by various government departments or the laws of the land. So it's not a cut and paste approach. It's really getting to understand the personal data and then building from there. Everything starts off with knowing the data, getting to know the organization, and then that's the building blocks of your really robust privacy program.

Jamal:

e growing moving forward into:

Tahir:

Privacy enhancing technologies. I would say if anyone's already a privacy professional, put more time and effort into learning privacy enhancing technologies. As clients move from a static approach to data privacy i.e. you conduct and carry out your ROPA and you populate an Excel spreadsheet, and then you say, great, let's review that in six to twelve months time. And of course, the very next day, two of those line items may already be out of date. So we've got privacy management technologies that can assist you with streamlining and operationalizing your privacy program. A lot of our clients now are going on that journey to replace a paper based approach to a tech based approach to privacy. But privacy enhancing technologies are about what can we put in place in order to better protect, to better share, and to better use data. So we know that there's techniques such as anonymization and pseudonymization, but we can really go into that a lot further. Within pseudonymization, we have masking, scrambling, perturbation, right? Within technical controls, we have encryption, encryption’s moved forward now to homomorphic encryption. And we're soon going to have quantum encryption because the current encryption controls will be outdated within the next 13 years, approximately the next 13 years when current encryption standards can be cracked. At that stage, you'll need stronger encryption standards. So privacy enhancing technologies, I go into a lot of panels and discuss these. How can we better get value from data Jamal? Privacy is all about protecting data. But companies need to fulfil their business goals and objectives. How can they do that while still protecting the rights and freedoms of data subjects, right? Privacy enhancing technologies, really. And there's way too many to talk about. Perhaps Jamilla can do her next PhD in that, but there's PhDs on this out there. Every single conference now that you and I will get invited to, Jamal will have a session on PETs, that's the acronym, right? There's some really exciting technologies out there that will enable us to extract maximum value from the data that organizations hold. So data becomes monetized, it's still compliant, it's still protected, but it becomes an asset in a compliant manner and not in a manner that some of the larger tech companies have currently been utilizing.

Jamal:

You heard it there from Tahir himself, our high flying global privacy consultant. The future is all about privacy enhancing technologies. For those of you who are interested in becoming privacy futurist, you've heard it from the man himself. And if you are wondering what he's talking about, when you talk about homomorphic encryption and quantum encryption and perturbing and masking and hiding and abstracting and all of that stuff, then the Certified Information Privacy Technology Program is going to give you all of that education and all of those answers. And for those of you who are interested, get in touch. I'd love to have a chat with you about it and maybe you can come and join us in one of those programs too.

Jamilla:

They all sound like not real words, like they're straight from a Marvel film or something.

Tahir:

Well, some of the technology is Jamilla. Some of the technology is really cutting edge, but it's highly practical, highly practical. And it will allow perhaps some of the very, most of the smaller companies will not fully embrace these technologies. But the large organizations that are international are already embracing these enhancing technologies and they're now able to extract more value from the data they have. They're able to send data internationally. Now, we know the challenges around that Jamal. Never a week goes by until there's a new interpretation or a new change to data. And this is not just within EU US, but I'm talking about globally, right? There's a lot of data localization and data transfer rules within individual jurisdictions. Right. How can you do business internationally when you can't transfer, utilise or analyse that data? If you're an international organization, this is where these technologies really come into their own. There's a number of market leaders out there that will really be able to assist. It depends on the use case. It could be utilizing large data sets, replacing data with synthetic data and variant twins or any number of other layering technologies. You don't just choose one technology and think, well, we'll go with that. You may have to layer these technologies, really understand the use case of the client, and put together a whole tech stack in order for the client to be able to fulfil what they want to achieve. And what we're talking about here, Jamila and Jamal, is we've gone beyond now policies and procedures, right. Within Europe these are very mature. Yes, new companies are being formed, but these are no longer the challenges. The challenges now are we understand we have to be compliant, how can we still fulfil our business mission and objectives? This is what we'd like to achieve this year. This is our mission statement, this is our objective. And of course, we want to hit a certain profitability figure. So we need to you've both heard of the term digital transformation. So we need to transform our business processes. As a result of that, it will involve a lot of data sharing, data warehousing, data lakes, utilising various cloud infrastructures and sending data internationally. That's a really big challenge. And Jamilla, you asked me about the kind of programs that are very exciting. These are the really exciting programs where every day you're learning something, you're speaking to a new vendor and they're telling you about their technology and thinking, I can utilize that with these four clients, I can utilize that with these five use cases. You're constantly learning. And this is the exciting part of consultancy. You're introduced to new technology on a daily basis and new client requirements on a daily basis and then you're trying to match them up and say, right, what technology is best suited to that use case? I'll give you another example, which is the use of artificial intelligence. Jamal, you may know a little bit about this. Are you familiar with Ramen microfinance?

Jamal:

Grameen Microfinance? Yes, I am. Founder has won a Nobel Peace Prize, correct?

Tahir:

Right. So that's about getting financing to those people that are not within the financial system. Right. Small payments essentially on a promise. Right. But that works in isolation. But how can you take that model further? Well, there's a number of different organizations now that are utilising AI, biometrics and metadata to be able to build up a risk profile of someone who is outside of the banking system but is able to work with the bank and say, right, based on the data that you've given us, that data could come from a sentence that you've read out Jamal, of course you've given consent for that. This is all consent based. Right. But taking your voice and I don't have the in depth knowledge of the algorithms behind the AI, but based on what you've read out and given consent to, they can give a risk profile. Maybe you sound trustworthy, maybe you don't. I don't know the inner workings of it. But also they build a bigger picture based on usage of your phone, again, consent based, based off usage of your smartphone and the apps you use. If you're spending a lot of time reading about the financial markets, it may imply that you're financially savvy. So would a traditional bank outside of the micro payment system be able to evaluate you without that data? No, because you have no credit report. So all of these new technologies are at the cutting edge. They're disruptive and they're exciting. That's what puts a smile on my face Jamilla.

Jamal:

Yeah, this is it like when you get to the consultancy level and when you can actually prove yourself in your field. You don't have to go and deal with writing basic policies and processes and going through those ICO accountability framework and GAP analysis, but you actually get to work on the leading edge, the cutting edge of technology, of what's possible. And you're working with companies who have some innovative ideas, some great ideas, of how we can overcome challenges that exist, that there is no other way of solving, and then saying, how can we do that ethically? How can we do that compliantly? How can we do that in a way that's actually fair both to the business and also to the individuals themselves as well? That is absolutely fascinating. And that's what gets us out of bed in the morning, because we know we can go out and we can make a real difference. And that is why we need more privacy professionals. We need more committed, driven, dedicated professionals coming up, stepping up to the industry so we can take and create a better world for everyone. Knowing that everyone has freedom over their personal information wherever they are in the world. That's everything we have time for today folks. Tahir, it's an been absolute pleasure speaking with you. Thank you so much for giving up your time to come and share those gems. I'd love to get you on another one soon so we can continue some of this conversation and really focus on some of those challenges that you're helping businesses solve with those exciting and innovative technologies. Until next time, guys, peace be with you.

Outro:

If you enjoyed this episode, be sure to subscribe, like and share so you're notified when a new episode is released.

Outro:

Remember to join the Privacy Pros Academy Facebook group where we answer your questions.

Outro:

Thank you so much for listening. I hope you're leaving with some great things that will add value on your journey as a world class privacy pro.

Outro:

Please leave us a four or five star review.

Outro:

And if you'd like to appear on a future episode of our podcast, or have a suggestion for a topic you'd like to hear more about, please send an email to team@kazient.co.uk

Outro:

Until next time, peace be with you.

Show artwork for Privacy Pros Podcast

About the Podcast

Privacy Pros Podcast
Discover the Secrets from the World's Leading Privacy Professionals for a Successful Career in Data Protection
Data privacy is a hot sector in the world of business. But it can be hard to break in and have a career that thrives.

That’s where our podcast comes in! We interview leading Privacy Pros and share the secrets to success each fortnight.

We'll help guide you through the complex world of Data Privacy so that you can focus on achieving your career goals instead of worrying about compliance issues.
It's never been easier or more helpful than this! You don't have to go at it alone anymore!

It’s easy to waste a lot of time and energy learning about Data Privacy on your own, especially if you find it complex and confusing.

Founder and Co-host Jamal Ahmed, dubbed “The King of GDPR” by the BBC, interviews leading Privacy Pros and discusses topics businesses are struggling with each week and pulls back the curtain on the world of Data Privacy.

Deep dive with the world's brightest and most thought-provoking data privacy thought leaders to inspire and empower you to unleash your best to thrive as a Data Privacy Professional.

If you're ambitious, driven & highly motivated, and thinking about a career in Data Privacy, a rising Privacy Pro or an Experienced Privacy Leader this is the podcast for you.

Subscribe today so you never miss an episode or important update from your favourite Privacy Pro.

And if you ever want to learn more about how to secure a career in data privacy and then thrive, just tune into our show and we'll teach you everything there is to know!

Listen now and subscribe for free on iTunes, Spotify or Google Play Music!

Subscribe to the newsletter to get exclusive insights, secret expert tips & actionable resources for a thriving privacy career that we only share with email subscribers https://newsletter.privacypros.academy/sign-up

About your host

Profile picture for Jamal Ahmed FIP CIPP/E CIPM

Jamal Ahmed FIP CIPP/E CIPM

Jamal Ahmed is CEO at Kazient Privacy Experts, whose mission is safeguard the personal data of every woman, man and child on earth.

He is an established and comprehensively qualified Global Privacy professional, World-class Privacy trainer and published author. Jamal is a Certified Information Privacy Manager (CIPM), Certified Information Privacy Professional (CIPP/E) and Certified EU GDPR Practitioner.

He is revered as a Privacy thought leader and is the first British Muslim to be awarded the designation "Fellow of Information Privacy’ by the International Association of Privacy Professionals (IAPP).