Let’s talk about digital identity with Debbie Reynolds, Founder, CEO, and Chief Data Privacy Officer at Debbie Reynolds Consulting LLC.

And we’re back with series 2! Kicking us off is Debbie Reynolds, looking at privacy in contact tracing apps around the world. Debbie walks us through the potential issues with contact tracing apps with regard to regional laws, security risks which must be mitigated against and the practical effectiveness of the apps themselves. Debbie and Oscar also dive into the world of facial recognition – including the importance of accuracy and transparency around public practices and relevant regulations (GDPR, CCPA, BIPA etc.).

[Scroll down for transcript]

“For me, contact tracing is a profession, not an app”

Debbie ReynoldsDebbie Reynolds, “The Data Diva,” is a world-renowned technologist, thought-leader, and advisor to Multinational Corporations for handling global data privacy, cyber data breach response, and complex cross-functional data-driven projects. Ms. Reynolds is an internationally published author, highly sought speaker, and top media presence about global data privacy, data protection, and technology issues. Ms. Reynolds has also been recognised as a Technology Visionary and as a top leader in the Data Privacy industry worldwide.

Find out more about Debbie at www.debbiereynoldsconsulting.com and connect with her on LinkedIn.

We’ll be continuing this conversation on LinkedIn and Twitter using #LTADI – join us @ubisecure!

Go to our YouTube to watch the video transcript for this episode.

Let's Talk About Digital Identity
Let's Talk About Digital Identity

The podcast connecting identity and business. Each episode features an in-depth conversation with an identity management leader, focusing on industry hot topics and stories. Join Oscar Santolalla and his special guests as they discuss what’s current and what’s next for digital identity. Produced by Ubisecure.


Podcast transcript

Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla.

Oscar Santolalla: Hello and thanks for joining today. ‘Facial recognition’, ‘contact tracing apps’ are terms that we have been hearing and reading very often in the last months. And we are going to discuss what are the implications in privacy and in the digital identity, and of course also opportunities related to that. And for that, we have a very special guest, an expert in that matter.

Let me introduce to you, Debbie Reynolds. She is “The Data Diva,” is a world-renowned technologist, thought-leader, an advisor to multinational corporations for handling global data privacy, cyber data breach response, and complex cross-functional in data-driven projects. Ms. Reynolds is an internationally published author, highly sought speaker, and top media presence about global data privacy, data protection and technology issues. Ms. Reynolds has also been recognised as a technology visionary and as a top leader in the data privacy industry worldwide.

Hello, Debbie.

Debbie Reynolds: Hello, Oscar. Thank you. That’s such a wonderful introduction. Thank you so much.

Oscar: It’s a pleasure talking with you. I really want to hear your opinion on some of these topics that I mentioned. But first of all, I want to hear a little bit more about you. So let us know how your journey to this world of privacy and digital identity was.

Debbie: Sure. So, I have been a ‘data junkie’ or a ‘data geek’ for many, many years. My first start in technology was working with library systems at times when they were trying to move from card catalogues to digital systems and databases. So, I started my technology career as a database administrator and I fell in love with data. And this was around the time a little bit before kind of internet became so commercially available to people.

So, at that time, I became very interested in privacy. This is like in the ‘90s actually, I read a book called The Right to Privacy that came out in 1997. And I was fascinated by the concept. So, I sort of had this parallel journey where I was working more in the data space in terms of helping– I ended working with multinational corporations, helping them do data movements for legal cases. So, moving data around the world and understanding how to do so legally, so I’ve been doing that for over 25 years. But as I kept keeping tabs on privacy, I didn’t realise that we eventually merged with what I was doing in my regular day job.

So, eventually, many years ago, about five or six years ago, I decided that I would move directly into privacy. So I already have a decent amount of contacts, people who knew me for privacy stuff. One of my biggest, kind of first forays only into privacy was being asked to speak at a very big, top 10 world corporation institute, people about data privacy. And this is before GDPR and everything. So, for me, it’s been a really interesting journey. It’s interesting to me that so much about things that I have been quietly looking at or keeping tabs on for over 25 years, people are very interested in now.

Oscar: Oh yes. So you started quite early into this, so in the late ‘90s, already I think probably at that time I didn’t hear anybody talking about privacy, most likely. I think it came much later. And well, fantastic. So, definitely you have a lot to tell us what has happened in these 2 decades – and more than two decades, a bit more than that. And especially in the last months, so we’re going to talk especially what has happened in the last months.

We know that there are customers, consumers and users who are knowledgeable about, taking caution about, data privacy. But we also know and it’s very clear that there’s a significant level of apathy for the rest of the people who are enjoying the benefits of internet, or benefit of being connected. But don’t care if when and/or don’t understand what happens if the privacy is violated. So, what do you think about if there’s anything that we, meaning that people like us who are in the identity and privacy sectors, can be doing to raise awareness over this potential risks?

Debbie: Good question. So, I think that because so much is happening in the world right now, because of so much in the news about contact tracing and things with Covid and also there’s a rise especially because of the pandemic, things like phishing attacks or cybercrime. A lot of those issues touch on people’s private rights and also their identity. So, I feel as though, because that’s more in the news now, it’s really important that privacy professionals take the opportunity whenever you can to educate your friends and family, educate your peers about privacy issues, raise the alarm there because I feel as though, as we said, there has been quite a bit of apathy about privacy laws and what’s done with your data.

So, I don’t know if people really understand the journey that their data takes and the risks. Like for example, let’s say you download an app you’re not really sure about, being more aware that not every app is good for you, because it maybe takes your data and does doing different things with it. So, just being more cautious and more aware that the threats are out there and that a lot of times we read about things in the news, people think, “Oh, that couldn’t happen to me.” But I think being able to understand that no one is immune. Anyone can be advantaged of by phishing attempts, or we all need to be careful about what we do with our health data. But then also the laws in different countries are very different in terms of how that protection goes. Where Europe is more protective of people’s data privacy rights and the US is very different because they think about privacy rights in terms of consumer or patients, as opposed to having privacy be a fundamental human right as it is in Europe.

Oscar: So a lot has to do with, we have to continue talking and everybody talk, whether it’s family or whoever we have the opportunity to talk with to always mention the privacy because it affects everybody.

Debbie: Absolutely. Especially younger people I feel like they may not really understand the risks. They can play really funny games on their phones and different things like that and not thinking about the risk. Like a teenager is not really thinking about identity theft, for example. Because maybe they’re not in the world the same way that an adult is. So, all those things especially older people, younger people, people who are in technology who aren’t thinking about these things every day, being able to remind them and having conversation with them is very important.

Oscar: Yeah, and for me, having the right information is very, very important. And related to that is that one of the key words at these times is contact tracing, so you’re seeing in the news people talk about that. But I know there are many misconceptions about that. So, some people don’t really understand. So, if we start with the definition of contact tracing, what will be a simple definition, concrete definition of contact tracing?

Debbie: Well, contact tracing, this is complex a little bit. So, in my opinion, contact tracing is a profession. It’s not an application that you download on your phone. So, contact tracing is the profession of having someone who is the expert at being able to talk with people and figure out their contacts especially in the lane of some type of communicable disease or some health crisis. So that’s what contact tracer is.

Contact tracing apps, what they do is- Apple and Google created the capability on cell phones for phones to literally become beacons, where they bounce information off of one another. And it can record contacts that you have or people that you may not even know where you have been in close proximity to them for 15 minutes or more. And then if you signed up for an app and this other person signs up for an app, and they test positive for Covid or have a positive test result, they can go onto the app and say that. So then what the app will do, it will go out to anyone within let’s say 14-day period that you have more than 15 minutes of close proximity with and it would inform them. But only does it if the person also has the app and he has also consented to do this tracing. So, that’s how contact tracing works in terms of apps in a nutshell.

Oscar: If you have heard, I mentioned misconception, have you heard some misconceptions that people had related to how contact tracing apps work?

Debbie: Well, it’s confusing because the way the contact tracing has been set up- With Apple and Google have done, they’ve set it up so every country has only one contact tracing app. And then every country can decide how they want to implement the application in their country. So, it’s not all that contact tracing apps behave the same way. The data often is stored in different ways.

For example, some countries decided they want the data to be stored on the person’s phone, to make it decentralised, so that other people can’t access it. And then some countries want to do it more centralised, where they’re tracking the information in a central location and then they’re contacting people. And then there has been a lot of issue worldwide about how not only the differences on how countries enact contact tracing, but how they are really trying to do this and also look at people’s privacy.

So, there was a story in the news yesterday or the day before about the UK and how they had put this contact tracing into service but they had never done a data privacy impact assessment. So as you know, under GDPR, that’s really the first thing you’re supposed to do when you’re introduce a new application or new technology. And they found that after the fact, that they had possibly broken some privacy laws based on the way that this contact tracing app was implemented.

So, in the contrast, countries like Australia, before they ever put the app out to users, not only did they do a data privacy impact assessment, their country saw that there were gaps in their current privacy laws that didn’t cover people’s privacy for contact tracing apps. So they actually passed an amendment to their privacy laws to make sure that the users understood their rights and also that they were protected against any type of data issue with contact tracing apps.

Oscar: Yeah. That’s something also important to notice that every country has or is implementing in a different way, as you have mentioned Google and Apple built the building blocks for these contact tracing apps and the countries are implementing in different ways. And of course, in different jurisdictions there are enough or not enough data privacy laws already in place.

Debbie: In the US, this may strike people astray, but because US on a federal level couldn’t decide on a privacy app but every state can decide for themselves. So, currently they say they’re only about four states in the US that actually have approved a contact tracing app and the rest have either not approved or just not said what they want to do. So, it’s just very different from country to country and how they implement it.

Oscar: And what will be the top privacy implications of this contract tracing?

Debbie: The top privacy implication of contact tracing in my opinion is depending on the country you’re working in or you’re in, people are concerned about the data about their health information, getting disseminated outside of a health setting. So, let’s say, Apple and Google, they are private companies, but you may not want Apple or Google to know that you have Covid. So, even though the information is the way that they set it up in the app, supposed to be very secure and very private, people are concerned about things like data breach and also, having that information spill over outside of a health setting.

So, for example, let’s say, someone feels like they may not get a job or get a loan, or in the US, because we are a private health insurance and not universal health insurance, people may be concerned that they may literally be dropped from their health insurance because someone thinks that maybe this person can’t come to work because they are sick or there are some other type of risk. So, the risk is having your very personal, private, health information possibly be leaked out to the public domain even though this is a health crisis.

So, there are things that will typically be private like let’s say, if someone had cancer, they would not have to tell their neighbour that or whatever. But contact tracing is a bit different where a person has a virus will be someone who can carry the virus and spread it to other people. So being able to really contact those people and let them know that they may need to seek medical attention or quarantine, that is very important.

But I think the debate is now whether contact tracing apps will really help in that regard. So, let’s say for instance, you’re in a car. Someone else is in their car and you’re close to each other for like 15 minutes. So let’s say, you’re parked in a car or you’re in traffic or something. Even though you’re close to that person, you’re both in a car, right? So, even if that person ended up having Covid or you did, that doesn’t mean that you were close enough so that you could possibly spread the virus, right? So, an app can’t really tell whether you’re separated by a window or a wall, or what situation that you’re in where you’re close in proximity to someone. So, those are the major issues of contact tracing apps that I see.

Oscar: And what is your personal opinion, would you be willing to install the contact tracing app on your phone for instance?

Debbie: That’s a good question. No, absolutely not. So, my issue with contact tracing, so I mean in the US, as I said, we don’t have a universal health system. So our laws in the US about health information relates to health information in a patient-doctor scenario. So, my health information is protected via the privacy laws in the US, the law’s called HIPAA. So that my privacy is protected by HIPAA law if I am exchanging health information with a medical provider. But once I- say I volunteer the information outside of a health setting, or give it to a contact tracing app, my rights then aren’t the same as they are in Europe.

So, in Europe, your privacy rights follow your data. Where in the US it’s not that way. So, if I were to give the information to a private company or outside of a health setting, my data is considered consumer data at that point, which has far less protection than health information. And then also, people who volunteer their information, they also have very little recourse for if someone uses or misuses that information. So, because of that, that’s not something that I will be interested in, in terms of contact tracing.

Again, because for me, contact tracing is a profession, not an app. Being able to work with someone in a medical setting, they have laws, and they have rules in terms of how to protect someone’s health information. But it may be very different in Europe, especially because you all have universal health care so people are as concerned. You aren’t going to be dropped from your health insurance because you have Covid, because you have a universal health system. So to me, I think it’s different from country to country based on the laws and the protections that people feel like they have with data.

And then to add to it, a lot of people are concerned about data breach, so phishing attempts or scams that people have where they’re trying to get information through you, they’re a little bit wary of giving more information than they think is necessary.

Oscar: It’s very important what you have said about what are the laws in the country you are because that will define how much you are protected in case you are using for instance, the contact tracing apps. Another practice that has happened also in some countries is that when you go to a small business, let’s say just a bar/to a restaurant, either the waiters or the bouncer can ask you information to do some type of contact tracing. What will you say how this can be done in a secure and somehow compliant way?

Debbie: I think it’s tricky because I know a lot of companies now, they’re taking people’s temperatures which is not bad in and of itself. When they’re recording that information, they may run afoul of certain privacy laws as that may not be acceptable. I know here in the state of Illinois, we have a very strong biometric privacy law, so just the act of recording the information down and keeping it may be an infringement on that law, especially if you’re not informing the individual about how you’re going to keep that information.

So, I understand that companies are very concerned about having people come in their establishments that may be ill, but I think just looking at the privacy laws and what you can do- like for example, let’s say you take someone’s temperature, and they have a good temperature, and you let them in, maybe that’s all that there needs to be. You may not need to record the information anywhere because either they have a temperature, or they don’t. So, that’s one thing that companies that are using this may need to take a look at. And if they wanted to take people’s names down, they need to make sure that that is aligned with the privacy laws they have. I think that you have to get person’s consent to do that, or what I’ve seen other establishments do is, if they find someone let’s say- and they do this in work situations too. So, let’s say someone went to the doctor and it turned out they were sick and they have Covid, they told them, “OK, I went to this bar, I went to work or something.” That health professional may be responsible for contacting an employer or contacting an establishment and saying “this person was in your establishment on this date and we think that they may have spread the virus” and then it’s up to the company or the business to decide how they want to disseminate that information. So, they may say, “Because X was around these people during this time period, this section of people probably need to quarantine or go get a test and things like that.”

Also, I think one thing that makes things really different country to country is the amount of testing there is. So, in the US, there isn’t a lot of testing. I know that they say there has been a lot of testing but there hasn’t been. So the US has over 330million people and as of last time I checked, I think the number of people they’ve tested is maybe 50 million, so that’s not a lot of people tested. But I think businesses and communities are doing the best that they can with having people social distance or wear masks and wash our hands and things like that. But it’s very different again from country to country and how they want to tackle that problem.

Oscar: Yeah, exactly. As you mentioned there are other ways to mitigate the impact of this pandemic and contact tracing – either apps or in a more manual way – is one of the tools for that. So it’s important that there are many other measures at the same time.

Debbie: Absolutely. Absolutely. And then one more thing I want to add about contact tracing for apps. In the world, there are only about 45% of people who have smart phones. So if we’re only relying on contact tracing app that means there are potentially 55% of people who can’t participate in using those apps. And then of the 45% of people who have contact tracing apps, because these apps are voluntary, they can’t guarantee that 100% of the 45% of people will be using those apps. So, being able to understand that it’s not a complete solution because again, there are people who aren’t using contact tracing apps that may need to be contacted in other ways so that they can be helped by health professionals.

Oscar: Yes, that’s a good point. And related to that, imagine a country that has a high penetration of mobile phones, what percentage of people that own a mobile phone should be enough for contact tracing to be effective, to really work?

Debbie: The studies have actually said they think that if you can get 60% of people with mobile phones to use contact tracing apps, they think it will be helpful. But the penetration rate currently in terms of percentage of people using contact tracing apps voluntarily are very low, I would say. I’m seeing countries saying 20%, 30%, I have not seen any over 30%. So, it’ll have to be much, much higher for that to even be a viable solution to cover more people. But then also I think people need to understand that not everyone has smart phones. So that number in terms of effectiveness is not as high as it should be, even with 60% of people using contact tracing apps, if we were ever to get that level in any country, doesn’t really cover the other people who don’t have smart phones.

Oscar: And another thing that I would like to discuss today is about facial recognition – that has some relationship with Covid and also in any other situation even without Covid. So, if you can first of all tell us, what are the ways facial recognition has been in place in the last couple of years?

Debbie: Yeah. So, facial recognition is any type of visual recognition of someone’s face, literally. And it’s been used in a number of ways. So, let’s say for instance, you have an ID card or driver’s license depending on the country that you’re living in. They may use your image in databases to be able to identify you or used in policing a lot of times. Let’s say you go into a restaurant or a retail store, a lot of those places have cameras and a lot of those cameras over the years have morphed into facial recognition cameras where they’re trying to see, are you a criminal? Are you on some watch lists, also on things like airports.

The thing facial recognition is getting a lot more sophisticated even are not necessarily more accurate. So, especially with the Covid thing now, there are makers of technologies for facial recognition that are also adding capabilities for thermal imaging. So let’s say you go to a airport and they may be able to see that you have temperature and they may target you for further screening in the airport. But some of those things have facial recognition – even some of them are as effective to be able to read people’s face through their mask even.

So, facial recognition is a huge problem around the world because people are concerned about how their images are being used. There was a programme that I saw about police agencies trying to use facial recognition databases as like a pre-crime thing, so try to detect or predict if a person looking at their faces there would be a susceptible to being a criminal or something. So, it sounds very science fiction like. One of the big issues not only about the civil rights or privacy rights of individuals and what is being done to this data – the big issue of facial recognition is it’s not accurate enough to be used for those high profile things. There are stories around the world where people are being arrested and jailed because they are mistaken for other people based on what a facial recognition system has said, “well we think this person is a criminal or something. Or, this person is on the watch list” and finding out that it’s not accurate but it can really harm the individual than being arrested by a police or harassed by someone because they think they are someone else.

Oscar: Well, how many ways that facial recognition is already in place because depends where you are. I guess some people are all the time trying to pay attention to where the cameras are. I don’t but the times I do it, I’m surprised there are cameras almost everywhere you are walking. And some of these cameras, some of the systems behind these cameras, have the capability to recognise a person, right? Not necessarily all of them, right? Some cameras are just recording a video and that’s it.

Debbie: Exactly. There was a story in the US that there was a big gathering, I guess this happened a couple of years ago. I think it was like a football game or something in a stadium. And they decided to use facial recognition on the crowd to try to see who was a criminal or who wasn’t. I think this is a California one if I’m not mistaken. So that was literally against their laws there in terms of consent of individual. So to do that you have to be able to let the person know that you’re going to do it. Because the technology is easier to get and a lot of companies – even though there are some big name corporations who have decided that they are not going to allow police, for example, to have their facial recognition software – there are literally maybe more than 200 companies that do facial recognition so that still is a hot seller in terms of having the technology. So I don’t think just because they stop that it’s going to stop facial recognition.

As you said, facial recognition has been around for a long time so I don’t see it stopping, but it definitely needs to either be improved so it is not having false positive results for people and then also it needs to be very transparent about what they are doing in terms of the images and how they are keeping or storing the information.

Oscar: Yeah, exactly. To be more accurate of course we really need to find the right person. And of course, the other part is that people are informed. Related to that, what are the laws that today protect people, related to facial recognition?

Debbie: So in Europe under the GDPR, if you’re on a record or have anyone’s picture taken, you have to inform them about what you’re doing and then the person needs to be able to consent in some way. So let’s say, you go to a self-checkout line in a store, and those lines are heavily used with cameras because they want to see what the person is doing and make sure that they aren’t taking anything but there are some stores who have resorted to putting signs around those stations or signs even on the floor saying “you step beyond this line, you’re going to be recorded” and things like that. So, in Europe consent is very important and making sure that people understand what’s being recorded and why.

In the US, there are very few laws actually against facial recognition or that type of recording because it happens so much. But there are laws like the CCPA in California and the BIPA, the Biometric Information Privacy Law in the state of Illinois. Those two laws have very strong information in it related to how you deal with people’s biometric information especially the Illinois law. So the Illinois law, you may not know this but this year, Facebook settled a case in the state of Illinois about their face tagging technology. So at some point many years ago when they were implementing this, they were not informing the person about what they were going to do with the images on Facebook about how they did this facial recognition and tagging of information. And because of that Facebook settled this case with the state of Illinois this year for $550 million.

So, if it had gone to court, they said, based on the calculation of this law, it was several hundred dollars for violation so let’s say for Facebook over a number of years, it was literally every time someone’s face was tagged in Facebook, so they calculated that if this case had gone to court and Facebook had lost they would have lost like $35 billion. So, once it went to a class action late last year, people knew that they were going to settle so they settled for like $550 million.

Now, keep in mind this is just in one state in the US. This isn’t any federal law or anything like that. So I think the interest in facial recognition and the use of biometrics is a worldwide problem. And I think that there are going to be more laws along that line because people, let’s say for instance, someone steals your fingerprint or your iris scan, they impersonate you and maybe they take money out of your bank account, it’s not like changing your password or someone hacks your computer. You can’t change your fingerprint or your iris scan or you can’t change your face.

So it’s huge issue worldwide about how these things are protected and how laws are written about how companies need to handle this data. I think Europe is way far ahead than other countries on privacy in general, in terms of regulation, but I think we’re going to start to see a lot more laws around the world that target biometrics and identity systems in particular.

Oscar: Wow so even Facebook has done some type of facial recognition and got some fines in Illinois.

Debbie: Absolutely. Yeah, so people don’t know, so when you’re on Facebook and let’s say you go to a party and someone takes your picture, even if you’re not on Facebook, that person may tag you or write your name on the picture. So Facebook is tracking all that information. So, if you’re literally voluntarily giving them that information and they are making decisions or they are making connections between you and other people. And then in the US, if you’re not a consumer of Facebook you don’t really have any rights to your image at that point. So, very different in the EU where your rights sort of travel with you, so it really doesn’t matter that you’re not a consumer, you could literally make a claim for a company if they have your information regardless of you being a consumer or not.

Oscar: Debbie, we are reaching the end of this conversation with you but leave us with a tip, a practical tip for anybody to protect their digital identity, especially in this new normal, if possible?

Debbie: Thank you so much, Oscar. So my tip for people to protect their identity, especially on their phones and things like that, I think phishing attempts. I think I saw a statistic that phishing attempts were up like, I don’t know, 70%? So as people are working from home or people are doing things they typically wouldn’t do, hackers take advantage of that. Say you’re working at home and maybe you got an email and your IT guy says, “Oh, I need you to give me your password or something.” No, that’s not something that you should be doing. So you shouldn’t be divulging your personal information, especially phishing attempts typically are some inbound message when someone is asking you to do something that you wouldn’t typically do and they want you to do it really fast.

So, let’s say you get an email that looks like it’s from your IT guy, my recommendation is for people, don’t respond via email, if you feel like they’re impersonating someone. Pick up the phone and try to call that person or tell them to call you. A lot of phishing attempts if you change the mode of the contact, they’ll stop. So, if you asked for their phone number or you would say, well, let me call you, they’ll just stop because what they are looking for is people who are going to continue to interact with them in the way that they started the interaction with you.

So, really try to switch that up and make sure that you’re not clicking on links that you’re not familiar with. Call people if it looks suspicious, you may want to pick up the phone and call that person and say, “Hey, did you send me this email? And they may say, “No, I didn’t.” So, just being more vigilant about the things that you click on and the messages that you get during the request just to make sure that you’re safe. You’re not having viruses on your computer.

Also, I recommend that people make sure that they are updating their computers. Some people, they keep their computers on all night which is not a good idea, in my opinion. Also, they may not be rebooting their computers often enough and they’re not installing the patches that come with their computing environment. So, those are all really good things that people need to do. Just be vigilant. If it seems suspicious to you, don’t feel like you have to act right away, just wait and see how things play out. Or again, try to have that person contact you by phone or you contact someone else by phone just to verify this information.

Oscar: Yeah, exactly. Being very vigilant, because many people today are spending more time connected than before so the attackers have more chances to interact with us. So, thanks a lot Debbie. It has been very enlightening hearing all this from you, from all the experience you have. And please let us know how people can either get in touch with you or find the work you are doing, what are the best ways for that?

Debbie: Sure. Thank you so much. I really appreciate the call. This was fascinating. So, people can contact me on my website, www.debbiereynoldsconsulting.com. Also, I am on LinkedIn, very active there so people can contact me on LinkedIn. I’m happy to accept people’s invitation. I put a lot of content on LinkedIn so people can see a lot of videos that I do, or articles that I write or things that I post about, the things that are happening in data privacy.

Oscar: Mm-hmm. Debbie’s website is excellent. She has for instance very short videos in which she explains difference cases, different laws, privacy laws about COVID-19 et cetera. Very short videos and very simple. So thanks a lot for doing that, Debbie. It’s a great job you are doing so I invite everybody to go and have a look at that. And again, thanks a lot Debbie and all the best!

Debbie: All right. Thank you so much, Oscar. I appreciate it.

Thanks for listening to this episode of Let’s Talk About Digital Identity produced by Ubisecure. Stay up to date with episodes at ubisecure.com/podcast or join us on Twitter @ubisecure and use the #LTADI. Until next time.

[End of transcript]