<p>Finding it difficult to navigate the changing landscape of data protection? In this episode of the DMI podcast, host <a href="https://willfrancis.com/" target="_blank" rel="ugc noopener noreferrer">Will Francis</a> speaks with <a href="https://ie.linkedin.com/in/stevenroberts-marketing" target="_blank" rel="ugc noopener noreferrer">Steven Roberts</a>, Group Head of Marketing at Griffith College, Chartered Director, certified Data Protection Officer, and long-time marketing leader. Steven demystifies GDPR, AI governance, and the rapidly evolving regulatory environment that marketers must now navigate. </p><p>Steven explains how GDPR enforcement has matured, why AI has created a new layer of complexity, and how businesses can balance innovation with compliance. He breaks down the EU AI Act, its risk-based structure, and its implications for organizations inside and outside the EU. </p><p>Steven also shares practical guidance for building internal AI policies, tackling “shadow AI,” reducing data breach risks, and supporting teams with training and clear governance. </p><p>For an even deeper look into how businesses can ensure data protection compliance, check out Steven’s book, <a href="https://www.claruspress.ie/shop/data-protection-for-business-compliance-governance-reputation-and-trust/" target="_blank" rel="ugc noopener noreferrer">Data Protection for Business: Compliance, Governance, Reputation and Trust</a>. </p><p><strong>Steven’s Top 3 Tips </strong></p><ol><li><strong>Build data protection into projects</strong> from the start, using tools like Data Protection Impact Assessments to uncover risks early. </li><li><strong>Invest in regular staff training</strong> to avoid common mistakes caused by human error. </li><li><strong>Balance compliance with business performance</strong> by setting clear policies, understanding your risk appetite, and iterating your AI governance over time. </li></ol><p>The Ahead of the Game podcast is brought to you by the Digital Marketing Institute and is available on ⁠⁠⁠⁠<a href="http://www.youtube.com/channel/UCdWKV2YlzIxeVNDzvfbvSxg" target="_blank" rel="ugc noopener noreferrer">YouTube</a>, <a href="http://podcasts.apple.com/ie/podcast/ahead-of-the-game/id1502583392" target="_blank" rel="ugc noopener noreferrer">Apple Podcasts</a>⁠⁠⁠⁠, ⁠⁠⁠⁠<a href="http://open.spotify.com/show/6r6nCK6XALNOAiXvHoxyve" target="_blank" rel="ugc noopener noreferrer">Spotify⁠⁠⁠⁠</a>, and ⁠⁠⁠⁠all other podcast platforms. </p><p>And if you enjoyed this episode please leave a review so others can find us. If you have other feedback for or would like to be a guest on the show, email the podcast team! </p><p><br /></p><p><strong>Timestamps </strong></p><ul><li><p>01:29 – AI’s impact on GDPR &amp; the explosion of new global privacy laws </p></li></ul><ul><li><p>03:26 – Is GDPR the global gold standard? </p></li></ul><ul><li><p>05:04 – GDPR enforcement today: Who gets fined and why </p></li></ul><ul><li><p>07:09 – Cultural attitudes toward data: EU vs. US </p></li></ul><ul><li><p>08:51 – The EU AI Act explained: Risk tiers, guardrails &amp; human oversight </p></li></ul><ul><li><p>10:48 – What businesses must do: DPIAs, fundamental rights assessments &amp; more </p></li></ul><ul><li><p>13:38 – Shadow AI, risk appetite &amp; internal governance challenges </p></li></ul><ul><li><p>17:10 – Should you upload company data to ChatGPT? </p></li></ul><ul><li><p>20:40 – How the AI Act affects countries outside the EU </p></li></ul><ul><li><p>24:47 – Will privacy improve over time? </p></li></ul><ul><li><p>28:45 – What teams can do now: Tools, processes &amp; data audits </p></li></ul><ul><li><p>33:49 – Data enrichment tools: targeting vs. Legality </p></li></ul><ul><li><p>36:47 – Will anyone actually check your data practices? </p></li></ul><ul><li><p>40:06 – Steven’s top tips for navigating GDPR &amp; AI </p></li></ul><p></p>

Ahead of the Game

Digital Marketing Institute

GDPR and AI Regulation for Marketers

NOV 28, 202552 MIN
Ahead of the Game

GDPR and AI Regulation for Marketers

NOV 28, 202552 MIN

Description

<p>Finding it difficult to navigate the changing landscape of data protection? In this episode of the DMI podcast, host <a href="https://willfrancis.com/" target="_blank" rel="ugc noopener noreferrer">Will Francis</a> speaks with <a href="https://ie.linkedin.com/in/stevenroberts-marketing" target="_blank" rel="ugc noopener noreferrer">Steven Roberts</a>, Group Head of Marketing at Griffith College, Chartered Director, certified Data Protection Officer, and long-time marketing leader. Steven demystifies GDPR, AI governance, and the rapidly evolving regulatory environment that marketers must now navigate. </p><p>Steven explains how GDPR enforcement has matured, why AI has created a new layer of complexity, and how businesses can balance innovation with compliance. He breaks down the EU AI Act, its risk-based structure, and its implications for organizations inside and outside the EU. </p><p>Steven also shares practical guidance for building internal AI policies, tackling “shadow AI,” reducing data breach risks, and supporting teams with training and clear governance. </p><p>For an even deeper look into how businesses can ensure data protection compliance, check out Steven’s book, <a href="https://www.claruspress.ie/shop/data-protection-for-business-compliance-governance-reputation-and-trust/" target="_blank" rel="ugc noopener noreferrer">Data Protection for Business: Compliance, Governance, Reputation and Trust</a>. </p><p><strong>Steven’s Top 3 Tips </strong></p><ol><li><strong>Build data protection into projects</strong> from the start, using tools like Data Protection Impact Assessments to uncover risks early. </li><li><strong>Invest in regular staff training</strong> to avoid common mistakes caused by human error. </li><li><strong>Balance compliance with business performance</strong> by setting clear policies, understanding your risk appetite, and iterating your AI governance over time. </li></ol><p>The Ahead of the Game podcast is brought to you by the Digital Marketing Institute and is available on ⁠⁠⁠⁠<a href="http://www.youtube.com/channel/UCdWKV2YlzIxeVNDzvfbvSxg" target="_blank" rel="ugc noopener noreferrer">YouTube</a>, <a href="http://podcasts.apple.com/ie/podcast/ahead-of-the-game/id1502583392" target="_blank" rel="ugc noopener noreferrer">Apple Podcasts</a>⁠⁠⁠⁠, ⁠⁠⁠⁠<a href="http://open.spotify.com/show/6r6nCK6XALNOAiXvHoxyve" target="_blank" rel="ugc noopener noreferrer">Spotify⁠⁠⁠⁠</a>, and ⁠⁠⁠⁠all other podcast platforms. </p><p>And if you enjoyed this episode please leave a review so others can find us. If you have other feedback for or would like to be a guest on the show, email the podcast team! </p><p><br /></p><p><strong>Timestamps </strong></p><ul><li><p>01:29 – AI’s impact on GDPR &amp; the explosion of new global privacy laws </p></li></ul><ul><li><p>03:26 – Is GDPR the global gold standard? </p></li></ul><ul><li><p>05:04 – GDPR enforcement today: Who gets fined and why </p></li></ul><ul><li><p>07:09 – Cultural attitudes toward data: EU vs. US </p></li></ul><ul><li><p>08:51 – The EU AI Act explained: Risk tiers, guardrails &amp; human oversight </p></li></ul><ul><li><p>10:48 – What businesses must do: DPIAs, fundamental rights assessments &amp; more </p></li></ul><ul><li><p>13:38 – Shadow AI, risk appetite &amp; internal governance challenges </p></li></ul><ul><li><p>17:10 – Should you upload company data to ChatGPT? </p></li></ul><ul><li><p>20:40 – How the AI Act affects countries outside the EU </p></li></ul><ul><li><p>24:47 – Will privacy improve over time? </p></li></ul><ul><li><p>28:45 – What teams can do now: Tools, processes &amp; data audits </p></li></ul><ul><li><p>33:49 – Data enrichment tools: targeting vs. Legality </p></li></ul><ul><li><p>36:47 – Will anyone actually check your data practices? </p></li></ul><ul><li><p>40:06 – Steven’s top tips for navigating GDPR &amp; AI </p></li></ul><p></p>