Home / 

Podcasts / 

#15 Breaking Down the GDPR, Privacy by Design, and the EU AI Act

Summary of the Podcast

Join host, Kyle Morris, and Data Privacy Attorney, Tracy Boyes, as they dive deep into GPDR head first. This Comply or Die episode explores Tracy’s journey into data privacy, the challenges of GDPR compliance, technological advances and their impact on data privacy, and intriguing insights into jurisdictions facing emerging privacy laws.

Tracy provides insights into GDPR being principle-based legislation, its flexibility, and addresses the extraterritorial reach of GDPR for companies that collected data pre-GDPR era.

Key Takeaways:

  • GDPR compliance depends on the type of data processed and the intrusiveness of the application, stressing the principle-based nature of GDPR that allows room for interpretation & flexibility.
  • Privacy by design: This concept is an effective approach to integrating privacy considerations from the start of projects, albeit requiring a tricky balance between speed & GDPR compliance.
  • The emerging EU AI Privacy Act and its challenge with AI models requiring large volumes of personal data were explored. 
  • The power of anonymizing data

Links & Additional Resources:

Webinar: GDPR Guidelines for Startups: To Comply or Not to Comply
Blog: How to Create a GDPR Data Protection Policy ⁠⁠
Blog: Breaking Down the EU’s AI Act: The First Regulation on AI

Remember, GDPR compliance may seem daunting at first but like Tracy says, it’s more like physical exercise. Once you are on board, it’s more of a routine than a chore! 

Join us on Social Media:




The SOC 2 Bible

Everything you need to know about compliance