"The Data Diva" Talks Privacy Podcast

The Data Diva E44 - Katrina Destrée and Debbie Reynolds

September 07, 2021 Debbie Reynolds Season 1 Episode 44
"The Data Diva" Talks Privacy Podcast
The Data Diva E44 - Katrina Destrée and Debbie Reynolds
Show Notes Transcript

Debbie Reynolds “The Data Diva” talks to Katrina Destrée Director of Privacy of KUMA LLC.  We discuss our collaboration on Smart Cities related to Data Privacy topics, her background in Financial Services and Telecoms, The relationship between Data Privacy and sustainability, Data Privacy before and after GDPR, the juxtaposition of privacy as a human right in the EU versus a consumer right in the US, Data Privacy as a business wellness issue, exemptions in Data Privacy regulations, the biggest initial Data Privacy hurdles for businesses, Data Privacy challenges following the status quo, the importance of purpose to Data Privacy, data as a liability, not an asset, drivers licenses and data associated with bar codes, and her wish for Data Privacy the future.



Support the show

42:03

SUMMARY KEYWORDS

privacy, people, data, sustainability, companies, organizations, business, laws, Telecom, thought, regulatory affairs, area, Europe, communications, question, big, information, operations, Katrina, department

SPEAKERS

Debbie Reynolds, Katrina_Destrée


Debbie Reynolds  00:00

Personal views and opinions expressed by our podcast guests are their own and are not legal advice or official statements by their organizations. Hello, my name is Debbie Reynolds. They call me "The Data Diva". This is "The Data Diva Talks" Privacy podcast, where we discuss Data Privacy issues with industry leaders around the world with information that businesses need to know right now. So today, I have a special guest on the show. Katrina Destrée, who is the director of privacy for Kuma LLC, I had the pleasure of meeting Katrina. We ended up on an MMO. You may have explained it better than me. So we ended up collaborating. I think we were on a panel, for I can't remember the name of the thing. I know Smart City smart, right? It was a Smart Cities panel. And this is funny. So a lot of the people that were on, or in this conference, obviously Smart City people, Cybersecurity people. And as usual, you know, we're kind of like the little waves in the privacy folks. So we were on a panel together. And it was a lot of fun actually prepping for that panel and getting to know Katrina, and you have such a fascinating background, you know, as someone who's lived overseas, in Europe, and, you know, working for international companies doing privacy, and it's sort of your background and, you know, Telecom and how that connects to sustainability. I mean, it's just fascinating. So, tell me anything that I left out about you that you would like people to know. And then, you know, let me know, sort of kind of your thoughts about your trajectory and privacy?


Katrina_Destrée  01:56

Sure. Well, first of all, Debbie, thank you so much for inviting me to join you on this podcast. I'm a big fan. As you know, I actually have called you the Scout, you're out there, and you just scout and find the topics and the people that are doing interesting things in privacy. And I think it's because you are inherently curious, which is so important to remain curious, you know, keep learning. And that just enhances the field for everyone, and that the ways to go forward and learning about privacy. So my background, you know, I'm a director at privacy at Kuma, a boutique consulting firm and privacy and security. And we offer a wide range of services to public sector organizations and private sector firms. And my focus is on the private sector. And currently, I work in the financial services sector. But historically, my background has been in the telecom sector. And the reason for that is actually interesting. So, after college, I thought I would work in the area of art law a little differently. And that's because I've had a long lifelong fascination with dance and with art. And so I started working at an art publishing firm. And then, I got this unique opportunity to work on a privatization project in post-communist Poland. So this was the early 90s. And it was a publishing opportunity. So it was to bring to formerly state-owned publishing plants, publishing plants, to be privately managed. And this was a big investment in connection with the US government. So it was a high-profile project and very interesting. At the same time, it was a bit of a shock for me personally because I moved from downtown San Francisco to downtown Warsaw in, early 90s. And I think the keyword that comes from that is making do living without. Living without modern infrastructure. At that time. I mean, everything has changed nationally now. But at that time, it was transformational for me to experience that. And I was struck by the rule of communications in our lives and how modern infrastructure was so critical. So having that experience made me absolutely hungry to understand their national frameworks, legal and regulatory guidelines for rolling out modern infrastructure. At the same time, the World Wide Web was coming alive. So I'm dating myself, but I mean, that was monumental. So I went back to graduate school and focused on legal and regulatory frameworks related to telecoms, which then because I studied international law and policy, I went to Brussels. I was recruited for this planning position for a major company. In Brussels, and the idea was to roll out telecom networks, you know, get people connected. And this was very exciting. So I worked in the area of regulatory affairs for a number of years. Actually, I stayed in Belgium for nearly two decades and traveled everywhere. And it was just fascinating. Well, from Regulatory Affairs and telecoms, I then began to work in the area of sustainability. Again, for the telecom sector, and oftentimes, that's referred to as the ICT sector. So this Information Communications and Technology sector and sustainability really struck a chord with me because it was like, bigger than myself, it was like, how are we gonna make the world a better place, and it encompassed every area of organizations, various operations, you know, from the beginning of responsible sourcing for different elements of their products and services, to how they were communicating about their carbon footprint, it was everything. And so, I found sustainability to be really exciting. I was taking shape at this time. And it was actually a legal requirement for some European based firms to report on sustainability, sustainability, climate change, really big topics in Europe, particularly at this time, and how I came to Data Privacy, that when working in sustainability, one of the key things that we did, and I say we because I worked both for an organization called Jesse the global e sustainability initiative. And one of the member companies, after I worked with Jesse, that I stayed active with Jesse because I was on the board for the communications efforts because a lot of the work of Jesse is directed and led by the members, is a very member-led organization. And so one of the areas that we focused on was looking at materiality and how different areas of companies would impact their operational success, as well as what stakeholders were expecting from these companies. So when we look at stakeholders, I mean, there's a wide range to consider. That is, you've got, obviously, your customers. But you've also got your suppliers, you've got your vendors, you've got investors, you've got regulators, you've got a civil society, civil support, society is really important to consider, and what I mean is like the NGOs. And so when looking at these top areas of sustainability, when reporting in, for example, a materiality report, a number of issues come up. And that can be from your product development, that can be ethics and compliance regarding your people, supply chain, your management, etc. The number one issue from the sector became data protection and privacy. So we look at all those issues. And they can range between 30 and 50 issues, depending on how you group them. And companies would look at these. These issues would change over time. So, for example, if the company is looking at how they're energy-efficient in one year in their products, that might be the top issue. But then, as they mature with that issue, they can change to not be as critical because they're succeeding in that area, or perhaps their external stakeholders are satisfied, or they feel like the company is on track. So that's not as much of a burning issue, as it may be in one particular year. But what I saw is that this issue of data protection and privacy really rose to the top of the list. And when I say for the sector, I mean for all of the companies that were active in this effort in the ICT sector information communication technology, and that struck me because I thought this is really at the moment when all the companies are looking at these various issues and pointing to Data Protection privacy as a key area that they need to respond to their stakeholders. What are we doing about this particular topic? And to be precise, this was happening in the year 2014. So data protection and privacy had been there as an issue. But it really rose from 2010 to 2014.


Debbie Reynolds  09:49

Right, right. And I like to in my mind. I like to separate, not really separate. I kind of put privacy, the people who are interested in privacy, in sort of two different buckets, right? So there, to me, is the pre GDPR book and the post-GDPR book. So you're definitely in that first bucket, right, a pre GDPR bucket. And I think what GDPR did is that it may privacy, a global concern, where it was always a big concern in Europe, because of, you know, we know that privacy was a fundamental human right in the Constitution, right. And in Europe, from the 50s. And over the years, in Europe, they had codified a lot of their laws to respect the privacy of people. So it doesn't surprise me when you say you were doing this telecom work, and that privacy issue sort of rose to the top because they've done a good job over the years. Try to do that. And then, and then, of course, with the data directive that preceded the GDPR. You know, making sure those principles are in their laws, and the companies are following them. I think that's kind of a theme. But I think a lot of people who had not had that experience didn't really know that because we weren't having those experiences in the US. Right? Right. Yeah. So the, when you were thinking about, you know, when you were in, in Europe, and you were kind of seeing the way that they sort of thought about privacy differently, what were your thoughts? I mean, in terms of the kind of adjust the position of what you were seeing in the US at that time, because, you know, as you said, in the mid-90s, that's when sort of the Internet woke up for individuals and businesses, right. And so, I have been really interested in I was kind of the time that I got really interested in technology, and I sort of watched it grow over the years to come this, you know, massive thing that is now and how people are more connected than they were in the past. So then also, back then we didn't have as much data. So there wasn't as much data collection, you know, there were no iPhones, people really weren't having, you know, cell phones are quite primitive at that time and Telecom. I remember the mid-90s. You know, it was in the mid-90s, in the US, they were busting up the big telecom telephone companies only to join them back together, like, years later. But yeah. So what are your thoughts about that?


Katrina_Destrée  12:43

Yeah, so there really is a distinction. I mean, I've lived, you know, half my life in Europe, and then coming back, and we have a phrase in your private life. You don't really hear it here in the US, your private life. So the word privacy makes me think of private life. And it was, it was really a natural way of speaking and operating in the business. You know, you have your business life. You have your private life. And so, there is an inherent view that your personal data is your private information. That's your right. It's your property if you will. So that's a long part of the views of European citizens.


Debbie Reynolds  13:33

Yeah. Well, that's true. I never really thought about it that way. And then also one distinction I would like to make, and I'm sure that you know, understand this. I have seen this. A lot of times, when we're talking about privacy, we're trying to compare and contrast between the US and sort of Europe. You know, we have to understand that. In Europe, privacy is a fundamental human right. So yes, they don't have to fight to have privacy because they have it as a right, right? So the GDPR, you know, as we call it, a privacy law really, really is a Data Protection Law, right? Because it's protecting the privacy of the person. We're here in the US. We have to fight for privacy and protection, right? Because we're trying to get laws to give us privacy for certain things that we don't have right now.


Katrina_Destrée  14:31

Right, when the CCPA, you know, in California first came out, it was being compared to the GDPR. And people were saying, What's the new GDPR for California? Not exactly. And if you really read into it, and I had it come away with a quick way to summarize it for my non-privacy friends, you know, what's the difference? And I said, the GDPR it's like, there has to be a reason to have your data and to and to process it. Whereas here in the US and with regard to the CSPS, assume they already have it, they just now need to be able to sell it, to share it. So that was a way of making it easy for my non-privacy friends to see the difference between the two. Yeah, so here in the US that they do have your personal data. Whereas in Europe, you're assuming that, you know, it's your personal data. It's your private data,


Debbie Reynolds  15:28

Right? Like they didn't ask for it, or you didn't give them permission to have it were here of kind of scoop up. We don't know what's happening. And then you know, something crazy, I said before it goes out. Exactly. I don't know about you. But when I when well, first of all, when when the laws come out, I tried not to read anyone's opinion about it. So I go, like, literally read the whole thing myself because I know that I probably have a different point of view or insight or something. But the one thing that I always do, when I look at these laws, I always look at the exemptions. So who gets carved out? Who can't, you know, oh, yeah, we're gonna pass this law, except for this, this. So, to me, it's been really interesting to see. And I tell my European friends about CCPA. You know, it when people are trying to compare the two, I'm like, GDPR has very few carve-outs. Right. So they're not exempting a lot of people. I think it covers almost any industry where there's us, there's like, a lot of exceptions. So, you know, if you're a non-profit, your car bow, if your law enforcement, you know, your car about if your Department of Motor Vehicles your car about CCPA. So I said to me, that says a lot that always look for the carve-outs, you know, who's exempted from certain laws? What are your that's excellent strategy? I love it. Yeah, because we make a lot of assumptions. Alright, how are we are people do make a lot of assumptions about, you know, what is covered? And what is? What would be, you know, when we talk about Data Privacy, and we, you know, in a business sense, right, we are talking about two businesses and trying to live my privacy. What do you feel like are the biggest hurdles that you run into? Maybe the thing that people misunderstand the most is privacy?


Katrina_Destrée  17:41

Initially, we have to have reasons to process the data. That I wouldn't say it necessarily is a hurdle, I would say it's an ongoing, everyday reminder. We have to have reasons. And I think that we have evolved in understanding that this is personal data, that this is to be protected, that it's no longer collect everything you can because one day you might need it, that we've evolved, definitely. Right. But where we can still the goal is to get it into our DNA. That it's so deeply ingrained. That is really business as usual. That we assume that to see certain information, it has to be role-based access, that when we have information, it's only for a specific purpose, perhaps a specific time. And that this is so ingrained that to see it otherwise would seem odd. Yeah. You know, that's, that's the hurdle that we need to overcome, so that we see something very simple, like an email address. If we see the entire email address, it should strike us as odd. Why are we seeing the entire email address? Now that's so we're not there yet. You know, but that's maybe an example of a hurdle.


Debbie Reynolds  19:21

Now, yeah, that's a good one. I think, you know, I think what it is right now, we're almost like swimming upstream in a way because the way business has collected data in the past is completely opposite, is collect everything. We have this new technology. Keep it in the back room. Let's not delete anything. We don't know we'll need it. Again, one of my dear friends made a really interesting analogy. It's like this huge junkyard, and someone thinks that there's a diamond ring somewhere in it. We can't get Get rid of anything in the junkyard because I'm thinking maybe we'll find there somewhere, right? The problem is the wrong person might get that diamond ring. Yeah, probably the wrong person may get the diamond ring, and then to, you know, data retention, you know, there weren't regulations around disposal of the data, or, as you said, the regulations, especially in Europe, for sure. And now we're seeing with these state laws in the US. They're addressing the fact that you should really tie your data to a purpose, and once that purpose is done, then you don't really have a reason to write a good reason to be able to keep that data. So that has been, that has not been the case in the past. So I think a lot of the data breaches that we're seeing today, you know, whenever I see a data breach, headline, you know, always kind of follow the story. And, and I always want to know, you know, have the brief happen, or, you know, what they did that they breach or whatever. And a lot of times, it is not kind of the high value, or what they consider within the business, kind of their high value, high-velocity data, is something own on a server somewhere that no one was really paying attention to, maybe it's a system that, you know, wasn't decommission or, you know, cybercriminals, they can get it, they find the weakest link, and they tried to get into that. So I think having, you know, stockpiling data in that way is a liability is not an asset. So having companies think about data that you cannot tie to a purpose, and you don't really need it, right now to really think of it as a liability, and really treat it that way. And not just sort of, to stockpile in the backroom somewhere.


Katrina_Destrée  22:01

Right? I mean, we should really start using the term stale data. Often, when it's stale, it's really taking up unnecessary space and becoming a liability. And, you know, that's also a connection back with sustainability as well. Because to store that data, takes up space, I mean, in terms of the servers that are used and takes up energy. So they're very complimentary, you know, less store less data, you let use less energy, and reduce your exposure to potential bad actors.


Debbie Reynolds  22:43

Yeah. Do you feel like we're, I don't know? In some ways, I feel like we're having sometimes the wrong conversation with people about data. So. So in a way, I feel like the conversation, maybe this isn't the media, is like, okay, we're, we want to collect all this data, right? So they're all his data everywhere. And then we're gonna go through extraordinary measures to protect it, which that's not bad, right. But I feel like the conversation we should be having is, you know, let's not collect so much data.


Katrina_Destrée  23:21

Absolutely. Absolutely. And it's across the board. It's companies collecting the data, but it's also in your personal life, you know when you enter a building, and they ask you for your ID, do you really need to hand over your driver's license that contains a lot of personal information? Versus like, for example, your US passport card, which is just your name and your image? And it's like, Where's that going? Do you really need to make a photocopy of my, you know, 20-minute visit today? etc. So it's, it's across the board that we get into our minds. Why are we processing this data? What is the reason? And is that justified? And as the data retention, that's a big one, where does it go?


Debbie Reynolds  24:13

Yeah,


Katrina_Destrée  24:13

I'm trying to teach my kids this is the same time to like, don't just hand over everything, you know, use your student ID


Debbie Reynolds  24:21

Don't, well, don't even get me started with IDs. So you know, most of these IDs, you know, that are issued by states or governments, a lot of them now have barcodes on it. And sometimes you go places may scan a barcode and people assume oh, that's just you know, the data that they get from this barcode is placed on the front of this card, and that is not true. There's like a lot more stuff affair that you can't see, and you wouldn't possibly even know about. That may be collected about yourself. I think, to me, I don't like it when you know someone wants to scan the barcode on my driver's license. Why? Why do you need that? Do you know what I mean?


Katrina_Destrée  25:05

Exactly, we need to get it into our mindset. So this is, again, part of the DNA is that we get it so deeply ingrained that it feels wrong if it's handled otherwise, you know, I was thinking about the connection between sustainability and data privacy. And I thought of this analogy if we are more conscious about green behavior, now sustainability for a long time has been linked to green, you know, and if we were to see someone Now throw an electronic device, unused into a bin, would be in shock. Would think wait doesn't go there, you have to put it in a bin for recycling e-waste, right. And I think that we should aim to have the same type of shock reaction in treating our data responsibly. If we don't know. Yeah, because now we would feel that way. If we were to see that kind of example and think, wait, what happened? Was the person doing that, you know, that's definitely not the way that we, we want to handle our discarded objects, you know, has to go in the proper bin, which is an evolution, we didn't think that way, you know, decades ago. Now, we need to think about the same way with regard to personal data. Do we need to see things on behalf? Does everyone need to have access? Do we really need to retain? Do we know our retention schedules? And what access is supposed to be revoked? How do we know? You know, it's asking those secondary questions on controls, and they become so well known, not just by privacy teams and not just within the compliance department. But for everyone is so deeply ingrained in the DNA across all organizations. Just like now, behaving in a green sustainable way is not limited to one department is for everyone.


Debbie Reynolds  26:56

Yeah, let's talk a bit. So you're such a kind person, and you have such a calming way and manner about yourself. So it does not surprise me that you're in privacy, right? Because you have to talk with people at all levels of the organization and be able to sort of build relationships and bridges. And traditionally, you know, a lot of companies things have been very siloed. So you're probably talking to groups, and maybe never talk to one another ever. You're talking with people, you know, again, at all level conversation, tell me how you sort of approach you know, getting buy-in or not necessarily getting buy-in, because I think from a privacy perspective, if there has to be buying a counter at the top, he'd be able to do this, but actually building those relationships within organizations where things tend to be, especially in corporate situations, very silo?


Katrina_Destrée  28:00

That is such a great question because that's how we move forward. Right? We need everybody in the companies and the organizations. And so, we need to establish that connective tissue with everyone. What I found works is to try to understand their heartbeat. So understand that different organizations, different departments within organizations have a different heartbeat, like for example, operations, the heartbeat is pretty fast. They're putting out fires, you know, and to understand when you're talking to someone that's working in an operations role. I mean, they're putting out this fire, this fire, this fire, there really is a different energy level and a different attention span in operations. And it has to be that way. And there's also no forgiveness in operations. I started my career in operations. So I understand that heartbeat and that rhythm, and they want communication fast and quick. And so to position your question in a way that they can respond quickly, and they get immediately why you're asking and why this deserves to be at the front of their buyer list to respond to. Now, if you go to someone who is in Regulatory Affairs, and I've worked in Regulatory Affairs, that's more reflective of a different heartbeat. It's like they're reading policy positions, and they're reading laws, and they're reading, you know, different frameworks, and they're understanding what difference does this make to our CEO? What difference does this make to us? So that's not putting up fires, heartbeat in the same way that operations are. That's a reflective positioning. So when communicating with someone from a department like Regulatory Affairs, it's better to position it like that. That's how this fits into their work. I think in all communications, the key is to think about your audience, and your reader makes it easy. What hospitals say, you know, surveys, if you think about surveys, they reflect the person who's posing the questions, more so than what information they're trying to seek from the people that are responding. With a look at surveys that well, it's very similar in working with different cause different departments. And disseminating that message of privacy and why they should get on board, etc. Rather than be concerned with your positioning of questions, think about how they are receiving it. You know, is it a fire to be put out? You know, is it a policy change, when it comes time to communications, communications, externally for media coverage, that's helpful to think about as well because media really focuses on conflict, and new product development or policy change. If it's not one of those three, it's probably not going to get the attention that is perhaps desired. So that's understanding where that department is classifying their information. So just kind of recap, reaching out to operations, think about they're putting out fires all the time. How do we make sure that this is a fire position in front of the other fires and so to speak? If it's Regulatory Affairs, if it's more reflective, it's more, you know, deep analysis, how do you fit that into their ongoing analysis? And if it's to disseminate information to your communications team? How does it fit within their usual priority listing of information to disseminate?


Debbie Reynolds  31:46

Yeah, that's, oh, my God. That's a masterclass and, and being an executive and a privacy professional, that's great, that's great advice. I would love to talk to you about so I liked your the way he describes kind of, you know, those different teams, and like the policy folks being more reactive, or reflective. I feel like privacy. Okay, so let's say before privacy or cybersecurity, or cyber breaches anything became a thing, right? The way and a lot of companies are still like this, and this, to me, contributes to privacy issues, or contribute to privacy attacks, it's like, let's clip along, you know, everything's working. You know, let's not worry about privacy or cybersecurity until we have an incident, and then let's react to it. And so the way privacy is in a way, that it has to be so foundational to the organization, you really can't do it successfully, if you're in a reactive stance, they have a requires a level of kind of strategy and proactivity, that a lot of companies organizations don't think of it that way. And so I'm kind of tying in cybersecurity here too, because, you know, I get frustrated when I see all these cyberattacks and abuse, oh, we're gonna react to it, or, you know, like the US government announced that they're creating like a task force to, you know, react to cyber-attacks. And I'm like, we have to prevent cyber attacks. So we have to find ways to minimize them or minimize the damage or, you know, share information. So it can't be just firefighting, right? Combat is not helpful, you know. That's very hurtful to the organization. So, you know,, from your point of view, how do we move organizations from thinking about things like privacy and cyber in a reactive way and thinking about it more in a proactive way?


Katrina_Destrée  34:09

So a lot of organizations now are launching their wellness programs for employees, right? We want to make sure that you're taking care of yourself. This is helping us it's helping you be a better you. I think that the way to respond to this question is thinking about privacy. In terms of Being Well, in privacy, it's like don't wait till you're ill to go to the doctor. Take care of yourself and the ways that make sense for you. And same philosophy would apply the data protection and privacy and cybersecurity, wellness. To be strong, take care of your foundations. And don't wait until one of these incidents happen to them. Seek advice.


Debbie Reynolds  35:03

Wow, that's mind-blowing. I never thought about that. That makes so much sense. So the privacy of wellness, we can launch the privacy wellness initiative. Yeah, totally, totally. Yeah. Because we want to be, we want organizations to be well, right? To succeed and not chip over, you know what they're doing. And then I think another thing that happens is, let's say, your company, just as an example, say your company, makes cakes. Okay, your bakery, right? A lot of people think, you know, being about the business is about focusing on cake bake, which is not bad, right? Obviously, that's kind of your core business. But I think what's happened with the advent of the internet and the connectedness and how data goes, you know, some of these businesses now, what they're not realizing the shift has happened is that you know, before a long time ago, many years ago, technology was a nice to have, and now it's so entrenched in business, you know, a lot of people cannot do business without, you know, technology, or, you know, or, you know, let's say, companies may have barriers to adoption, like they want to sell their product. You know, I see as this example, you know, a US company wants to sell their product in Sweden, and they don't know, about GDPR. So I think there's been a shift that people haven't really noticed, which is technology is enabling them to do their jobs. And if, if and without it, because it's so interesting when people do, some people cannot do their work without their or can't run their business, without the technology, and then understanding that there could be barriers to adoption or barriers to growth. If you don't understand privacy, I think those things have to be more apparent. Absolutely. I couldn't agree more. So if it were the world, according to Katrina, what would be your wish for privacy? or anywhere in the world? You know, related to technology, law regulation in humans? What are your thoughts?


Katrina_Destrée  37:29

Oh, that's just such a lovely question. It's like a wish list. You close your eyes and say, Hey, this is what I wish. Perhaps you blow some candles, and it comes true. So what I would really wish for is for the two worlds to really combine even closer, you know, that data privacy is viewed as I was describing earlier, business as usual, so deep within our DNA, that this is the way that we operate, and that this handling personal data, in a responsible way, will sustain companies and organizations. So when I think about the word sustainability, look at the keyword, sustain, some people think of sustainability, I think of green initiative. And I back up. It started off in that arena. But it's far richer than that. It should be limited to climate change endeavors, which of course, are very, very important, that sustainability, the root word is sustained, what will enable us to keep going. And Data Privacy is a key part of that. If we don't protect our data and really value privacy, then it will become an impediment for companies to continue to go forward to continue to go on. And it will inhibit their ability to be sustainable organizations. That is what I would really hope that we would do combine the two worlds even closer. They are combined now. And that people that are working in sustainability absolutely look at data protection and privacy as a material issue for their ongoing business success. And as a top area for their stakeholders, as I described, you know, their investors, you know, their customers, regulators, NGOs, that is really key. But I think that we can do an even better job by integrating it into our daily conversation. Why do we need this information? How are we protecting it? So that as I gave that example, if you were to throw something into the bin and an E-waste device into a bin, it would be a shock really Take you by surprise and everyone in every department. And I think that is great, you know, close your eyes would make a wish. It would be my wish to that in every department, and people would recognize a personal data element and say, hey, we've got to treat this seriously. We've got to protect it. It means something is a key part of our company's asset. And a key element of us handling this data responsibly. And definitely part of our foundation of going forward, and we can continue to be a sustainable company. Organization.


40:37

Yeah. Excellent. Excellent. Well, this was so much fun. I'm so glad we were able to collaborate and do this.


Debbie Reynolds  40:45

I really enjoy your work. And I always we always have great conversations.


Katrina_Destrée  40:51

We do Debbie, I really, really love your podcast, and I take my walks and I listened to them and you're so conversational, and you put your guests at ease and you just have a great following. So I'm a fan.


Debbie Reynolds  41:09

Ah, thank you so much. Thank you so much. All definitely be talking as we always do soon. Yes, I look forward to continuing our collaboration. Alright, populate. Take care.