Why did you choose data protection as a career?
It began with a lifelong interest in the digital world. Although I trained as a lawyer, it was my fascination with computers that truly shaped my path. The digital realm has always seemed like a parallel universe to me, impacting our everyday interactions, influencing governments, and shifting global power balances.
The real eye-opener was witnessing the power wielded by tech giants. Events such as the Cambridge Analytica scandal and the Stuxnet attack also demonstrated how data can be used to control aspects of national security and sway public opinion on a massive scale. That’s when I realised that data isn't just bits and bytes; it’s power.
Driven by these insights, I decided to further my studies and completed two master's degrees in cybersecurity, where I learned about the technical components of data security as well as data protection frameworks like the GDPR, Turkish data protection law, and other major international frameworks. I was fascinated by how these laws work to rein in the 'wild west' of data flows.
My focus in data protection is on the human aspect – personal privacy, the right to autonomy, and safeguarding freedom of speech, which I believe are crucial to live freely and safely in a digital age.
Why is data protection important?
Because it protects our human rights. It's not just about privacy; it’s about controlling how much power we give to corporations and governments. Just look at places like China to see how far it can go.
Data is about more than just ads on your screen; it shapes societal changes.
Our everyday choices, which are heavily influenced by what we see and do online, can be manipulated, which can reinforce biases, making us vulnerable to even more manipulation, often without us even realising it.
Despite individuals feeling their data might not be important, collectively, it’s a goldmine for companies, allowing them not only to profit but to shape narratives within society. Many people don’t realise how much power they give up when they click ‘accept’ on terms and conditions without reading how their data will be used.
That’s where data protection laws enter.
In the year to come, what will be your primary data protection focus?
My primary focus will be on the complex relationship between AI and data protection, particularly concerning deepfake technologies. I’ll advocate for clearer regulations and guidelines for AI-generated content and push for policies that demand transparency from content creators and hold platforms accountable for the circulation of harmful deepfakes.
It’s vital to educate the public on the realities of AI capabilities. By raising awareness about how AI can manipulate media, we empower individuals to critically assess the content they consume.
What data protection issue interests you the most right now?
The challenge of balancing big data analytics with individual privacy rights. As organisations harness the power of big data to drive innovation and efficiency, the scale and scope of data collection have reached unprecedented levels, raising critical questions about consent, transparency, and control over personal data.
Furthermore, the rapid global adoption of IoT devices adds complexity to the data protection landscape as each device represents a potential security risk. Developing strategies to secure IoT ecosystems and ensure compliance with international data protection standards is an urgent priority.
What are you most worried about when it comes to the future of data protection?
I wouldn't say I'm worried, but vigilant and proactive. I view the evolution of data protection as a natural cycle of challenges and solutions. While each wave of technological advancement introduces new complexities, it also presents opportunities to innovate and strengthen our approaches to privacy and security.
Rather than worrying, we must equip ourselves for what's to come. Staying ahead of technological trends, understanding the implications of new tech on data privacy, and preparing to adapt our policies and practices accordingly.
Ultimately, the future of data protection is bright if we maintain our commitment to upholding high standards of integrity and transparency.
My message to everyone is to take ownership and responsibility for what you hold, to whom you give it, for what worth, and determine if it is really necessary.
Your roadmap to achieving DPIA excellence
We’ve gathered our top insights on securing a successful DPIA process. It includes step-by-step guides, cheat sheets for getting management buy-in, and expert tips to make DPIAs a seamless part of your data protection strategy.