Let’s talk about digital identity with Julian Hayes, CEO of Veneto Privacy. In episode 7, Oscar talks to Julian Hayes about data privacy in the days of Brexit chaos and why a penalty fine shouldn't be your biggest concern when it comes to GDPR. [Scroll down for transcript] “GDPR is 40% security and 60% privacy" Julian is a highly experienced Data Privacy and Security consultant with more than 18 years working in the telecommunications and IT industry. As Managing Director of Veneto Privacy Services, Julian and his team provide in-depth data protection consultancy services to clients in diverse industries, from telecommunications, consumer goods and educational providers throughout Europe and the United States. Find Julian on LinkedIn or email julian@venetoprivacy.ie. We’ll be continuing this conversation on LinkedIn and Twitter using #LTADI – join us @ubisecure! [Podcast transcript] Let’s talk about digital identity. The podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thanks for joining. Today we will hear about a very important aspect of our digital lives, which is privacy, and for that we have an expert in the topic. So let me introduce you Julian Hayes. He’s an expert in data privacy with more than 20 years of experience, which includes working for telecommunications big players, such as Vodafone and Nokia. Today he’s the Managing Director of Veneto Privacy Services, a consulting company based in Dublin, Ireland. Hello, Julian. Julian Hayes: Hello Oscar, thank you for having me. Oscar: Yeah, it’s a pleasure having you and talking with you Julian and yeah, please tell us a bit more what is – has been your journey until today. You have your own consulting company Veneto. Julian: Great. It’s a pleasure to talk to you and I know that today’s subject on Brexit, GDPR and digital privacy generally should be an interesting discussion and listening material for your subscribers. So Veneto Privacy is in business now three years. So prior to its establishment, I was a Data Protection Officer for Vodafone in the UK and in Ireland predominantly. So really I guess I was working in data privacy before it became such an issue of concern in terms of how personal information is obtained and processed. So it’s kind of – it grew – from my own kind of professional experience, it grew from about 2004 and then in 2010 it reached off as a major issue. So data protection laws have been in place for decades, so it’s not that there was any type of new realisation. But there has been an increased focus I think from 2010 on data privacy and the importance of respecting personal information from a customer perspective. So yeah, so we’re based in Dublin and we service companies in Europe and the US and we work basically a 24/7 type of operation, working in multiple time zones. Still a small consultancy business and we’re very much specialised in commerce-related personal data processing and GDPR obligations. As we’ve seen, there are many regions within the world that are implementing similar types of data protection law in the style of GDPR which is seen as kind of the best in practice operation. Oscar: Yeah, very interesting. You have a 24/7 operation it sounds like. Pretty challenging. And tell us a bit the experience you have today with working in Veneto, your own company. What are the main challenges customers you have today have? Julian: With the anticipation of the 25th of May 2018, there was a huge focus from companies to get compliant with GDPR and I remember often there were customers who would say, “Well, you know, is it just another Y2K? Is it just another type of hype situation?” But the difference between Y2K and GDPR is that GDPR is actually law – and Y2K was a theory in the world. So I think that’s the major kind of challenge is, you know, preparations for establishing the basics of good e-processing operations,