Privacy in Practice

In this episode of Privacy in Practice, hosts Kellie du Preez and Danie Strachan sit down with Lisa Sotto, Chair of the Global Privacy and Cybersecurity Practice at Hunton Andrews Kurth, for a practitioner-level conversation on the full arc of a cyber incident, from first detection through board notification and the regulatory long tail that follows.
Drawing on Lisa’s decades of advising Fortune 500 companies and global regulators, the conversation examines why incident response efforts often fail when confined to IT and how organizations can meet complex international notification requirements with imperfect information.. Lisa breaks down real‑world ransomware negotiation dynamics and touches on the Bybit investigation, which has received significant media attention worldwide, as well as high‑profile cases like the Uber criminal conviction and the Drizly FTC consent order signal for executive accountability. Kellie draws on VeraSafe’s own client experience with cyber insurance and cross-boarder breach notification, while Danie bridges the US liability to Europe’s NIS 2 Directive and its implications for executive oversight.

This episode goes far beyond cybersecurity basics. It’s a strategic, practitioner‑level briefing for leadership teams who need to understand not just how incidents unfold, but how to respond effectively under intense regulatory and operational pressure.

In this episode of Privacy in Practice, hosts Kellie du Preez and Danie Strachan welcome Charmian Aw, Partner at Hogan Lovells, to examine the growing relevance of the Cross-Border Privacy Rules (CBPR) System in an increasingly global data economy. Learn why organizations such as Cisco, Mastercard, and Alibaba have obtained certification, why the framework is gaining renewed attention among multinational organizations, and how it complements existing transfer mechanisms such as Standard Contractual Clauses (SCCs). The conversation also explores how CBPR certification plays a role in procurement, regulatory cooperation, and the evolution of responsible data processing.

Gaming is now one of the world's biggest entertainment industries, and with growth comes scrutiny. In this episode of Privacy in Practice, hosts Kellie du Preez and Danie Strachan sit down with Alex Roberts, Partner and Head of TMT in China at Linklaters, to explore how gaming companies navigate privacy compliance across multiple jurisdictions. From children's online safety requirements in APAC to class action litigation trends in the U.S., the discussion offers practical insights on building privacy programs that work globally. Whether you're managing vendor relationships, responding to data subject requests, or trying to understand regional regulatory variations, this episode sheds light on how to approach privacy compliance in one of the world's most dynamic and complex industries.

What does a regulator really want to see when they investigate your company? In this episode of Privacy in Practice, hosts Kellie du Preez and Danie Strachan sit down with Helen Dixon, Ireland's former Data Protection Commissioner, for an unprecedented conversation about privacy compliance from the regulator's perspective. Helen shares practical insights on building effective privacy programs with limited budgets, handling data subject access requests without triggering complaints, and what actually matters when regulators assess compliance efforts. Whether you're running a growing SME or managing privacy for a larger organization, this episode offers invaluable guidance on navigating GDPR requirements with common sense, fairness, and pragmatism.

Privacy enhancing technologies sound great in theory, but how do you actually implement them? In this episode of Privacy in Practice, hosts Kellie du Preez and Danie Strachan sit down with Monisha Varadan, EMEA Privacy Lead at Google, to explore the practical realities of implementing PETs. From differential privacy to synthetic data, Monisha demystifies these cutting-edge tools and explains how organizations can leverage them to enable business innovation while protecting user privacy. Whether you're a privacy professional exploring PETs for the first time or a technical leader looking to balance privacy with utility, this episode offers practical guidance on when, why, and how to use privacy enhancing technologies effectively.