Legal Compliance in Digital World
Transcript of the Conversation
Legal compliance in digital world from a law perspective. Well, yes, sir, we are talking about digital trust. We're talking about AI, emerging technologies, then privacy remains a concern, and the legal landscape continues to evolve. Now, all this requires companies to put in a perspective, put in a strategy for creating digital trust, complying with the law, mitigating risks, being aware of privacy concerns, being ethical as well. Now all these are fundamental questions which companies are grappling with, and nobody has easy answers. Now, there are different perspectives, and how about taking all this from perspective of a lawyer, and I'm talking about none other than Valeriy Stalirov.
FIT4Privacy 00:51
Hello and welcome to the fit for privacy podcast with Punit Bhatia. This is the podcast for those who care about their privacy. Here your host, Punit Bhatia, has conversations with industry leaders about their perspectives, ideas and opinions relating to privacy, data protection and related matters. Be aware that the views and opinions expressed in this podcast are not legal advice. Let us get started.
Punit 01:20
So here we are with Valeriy. Valeriy, Welcome to the Fit4Privacy podcast.
Valeriy 01:25
Hi everyone. Thank you, Punit, for your invite.
Punit 01:29
It's great to have you and maybe let's start with the basic point that there is a rapid evolution of technology now, both in legislative and as well as challenges, because technology grows, technology evolves, and then the law follows exactly. So, I want to ask you your views on the recent regulatory trends, particularly in the data protection, cyber security, and the implications of emerging tech like blockchain, AI, or Internet of Things.
Valeriy 2:00
Yeah, so, it's a great question. Thank you for asking, because I think it's really crucial for modern world, because we live in digital area when technology really change our life. And I believe without law, without digital legislation, we can't imagine modern world because we use digital solution in our business, our life, in our job, and this impossible to imagine modern world without digital knowledges, and I think this is really challenge for modern law system, because a lot of countries really meet with keyword security, web three development and AI technologies, and this really challenge political system, because we need to create New Digital law which will protect interest, business users and companies, because without good regulations, without legal system, we will have a lot of relations in internet, but internet to allow for us to get more opportunities growth, and we can see technology revolutions involved, and I think it's great, but we need to ready for a lot of changes in law. I will try to explain this the changes in our conversation.
Punit 03:34
Okay, so that does make sense, but then AI can also be used in the legal practices like AI tools are already making greater efficiency in other processes, and I'm sure they can make greater efficiency in legal processes as well. Have you seen any specific tools that are used in the legal domain for different tasks, different use cases?
Valeriy 03:58
Yeah, precisely because we use occupational intelligence in our legal world. Is usual for us, because we review legal documents, we prepare the letter diamonds, and we check with AI, because it's really assist me and help when I work with text and when I want to research and find information in internet, because without AI, we can do our work really, because in our time, we can't imagine how we can work with volume work without AI, because AI can translate our documents can improve our language and text. Can check our mistakes and show me opportunity for improving this legal solution and for example, agreements when I prepare these legal documents for my clients. But it's a good tool, and I believe it. Will work in future and will influence for legal framework in all company, because without AI or we really lose a lot of opportunities to work swiftly and faster.
Punit 05:16
So, that's good, yeah. AI is also used in legal practices to increase efficiency. I mean, translate documents, do the corrective grammar checks or predictive analytics, that's interesting, but yeah, also comes with challenges, you know, like, how do you define copyright in the digital world? Who has the copyright and how or which laws would apply? Do you have a view on the copyright in context of the digital world?
Valeriy 5:45
So, pretty nice questions, because it's so interesting. I think when AI to create documents, and, for example, also eats and prepare documents for codes for trial. I think only lawyer check these legal documents and this intellectual property will belong only a creator, and creator will have rights to use this intellectual property in business, work, and we can't talk about AI intellectual properties, because AI can't manage this intellectual property. AI, this is tool which helped me to work with legal framework. AI can help me to find information and draw up, for example, documents and or text, but I will be owner this intellectual property because it's impossible and unbelievable to imagine how AI will manage all intellectual property involved. This is so dangerous, and I am. I don't believe in this things in future. But I know legal opinion from different local councils in in the USA say about separate intellectual property and AI will create intellectual property. But for my opinion, I think only people can create and manage but yeah, it's only tool for us.
Punit 07:22
Okay. so good point. AI is a tool, and we should manage copyright rather than AI managing copyright for us. But then that leads to something called trust, because in the normal world, you see me, I see you. We choose if we want to trust each other or not. But then these days, trust is becoming more digital. And how would you define this concept of digital trust?
Valeriy 07:50
How we can define digital trust, digital trust, this is a really challenge for modern world, because I told this previous time, and I think technology will change our mention, because we really use this in our all field, our life. But I think when we speak about total trust, we should build security system and security measures which develop, you know, in modern world, because we know about, for example, compliance and CCP compliance in USA, in European countries. And we have a legal landscape for the great relationship between business users. And we have applicable rules in law, and we need to implement, implement these rules in our business and apply this rule in our IT products. Because it products, for example, doesn't conduct a data impact assessment. And these IT products, for example, mobile application of websites, SaaS or CRM system, if they don't have SEO certification, and they can disclose confidential information without concept form permission from users, this is violation. This is breach of rules. And I think we, we are lawyers, and we need to notify our clients, both this practice legal practice involved and about these obligations, and establish these liabilities in agreements and privacy policy, because modern world has legal framework, for example, privacy policy and digital law, which establish rules that applicable in ek products, and this influence for trust in digital because when we speak about countries without digital legislation, where government didn't create rules and restrictions. Because we have more relation situations when users writes war Richard and can see COVID decision about disclosing data without permission from users. And modern world tried to regulate this field, and we have a lot of updates from FTC, and FTC in the USA, because this is general bodies who create a lot of rules and restrictions which applicable for American business, American ek business, and we work with digital agencies who apply these rules and try to follow all guidelines in the USA, and we know this practice and experience, or when FTC can regulate and punish for violations, actions, illegal actions in the USA. So, for my opinion, digital trust is really exist if we can comply with all rules and necessary technical requirements
Punit 11:08
That fairly said, I think digital trust really exists when we comply with the rules, but if we don't comply with the rules, then it creates risk for business, and maybe let's talk about some privacy and AI risks also, and how do these come into play, or potential risks or effective strategies that can be used for mitigating the risks?
Valeriy 11:33
Yeah, when we speak about mitigating privacy risk, when we use AI, I suppose it's really possible, because AI can draw up letters and send in this letter for users. When I thought about working with digital agencies in the USA, they used AI in business, and they developed marketing system and applying AI technologies. And this is dangerous for relations rules, because we have enough regulations in privacy field, and we have data privacy protection law, and in this situation, really, we need to implement these rules in our business, because without implementing process, we will have violations and punishment from government. And so I think privacy mitigation process, this is really hard question in modern world, because I am sure all our all users in internet can see we how many will have data relations that are rich in internet, so but I believe government can create data protection measures and technology development company will regulate. It will be regulated, and I think when we talk about privacy audits and privacy assessments, we can handle with these practices and compliant internal data protections law like GDPR or CCPA and modern world has privacy system, but in for of our opinion, we need to improve this process.
Punit 13:27
Absolutely, we do need to improve this process. So, when we talk about the emergence of laws, emergence of legal practices, or the need for digital trust or managing risks, the challenge for businesses is, how do they prepare for upcoming changes in the global data privacy regulations? Because since the GDPR in last five or six years, what has happened is every month or every few weeks, there is a new legislation, and it is a huge effort for businesses to prepare every time for a new legislation. So, in your view, how can a business, or how should a business, prepare for the upcoming changes in privacy regulations?
Valeriy 14: 07
Yeah, I understand you. Thank you for your question. I think digital business and IT company should be prepared for all changes in law, because when GDPR was accepted. We had enough time for implying process and set up rules in our business, and we have enough experience for working with this law. It's privacy law, and we know how to conduct privacy audits in IT companies. And I think this experience we can share is our with our clients, because we develop a privacy policy, for example, for mobile application, vintage health care insurance field, and we can quite advice about privacy regulations and a provide some conclusions about business process and try to fix some troubles and violations in business. And I think we can improve and build a legal process in current company, because really, we can't predict all changes in data protection legislation, but I think we can implement current rules involved, because we have a lot of opinions from FTC, from governments, and we have public cases involved when the biggest company involved obtain penalties from regulations agencies, for example, Google, Twitter and meta or Facebook, they paint penalties in European countries When European regulators couldn't see process and partnership this company for violation privacy rules, so and this is reason for mindful research and analysis, because without analysis, disclose violations in business development and using technology products, this is really risks for future because we can, we can get a lot of penalties, and this company will be liability for this illegal actions, and we are loyal, and we should fix this and try to avoid bad consequences for our clients and work with complex tasks and try to share our experience and work with really legal challenge in modern world, because we can see these changes in law, but business should be flexible meet with this challenge without destruction process, because we need to comply with all rules. And it business can research this information and implement this before, before bad consequences.
Punit 17:17
And when you talk about the preparation from business perspective to regulations, there's also a dimension of ethical preparation, or ethical considerations? Are there? Or what are the ethical considerations that can be taken into account while addressing especially the new generation or emerging technology like AI solutions?
Valeriy 17:38
Yeah, when we use AI and implementing our business process, we will responsible for all illegal actions, because AI can improve our process and build and build new legal frameworks in companies. But it is not enough. This system required to or did, and after checking control and compliance check, we can make a solution about next step and assessment current business model and disclose business risks. Okay?
Punit 18:19
And while we talk about all this, is there a specific case that you can discuss where probably a legal intervention, let's say that helped a technology company turn the regulatory challenge into more of a strategic advantage, because, you know, the regulatory compliance is usually seen as an overhead but we know from experience that you can convert a regulatory challenge it to a strategic advantage. Do you have any case that you can share with us?
Valeriy 18:51
Yeah, we have cases with our clients in the same European countries where we provided advices and we work with the legal space and legal landscape, and I think we can share this information with our listeners, because I believe this is relevant agenda for all technology companies, because we are technology lawyers, and we try to follow all changes in modern digital law, and we try to implement this legal requirements in business our clients. So when we spoke about CCP, GDPR, FTC compliance, we worked with our client to analyze these rules, and for example, we include a lot of points and provisions in our agreement with partners, advertisers, publishers, with users, EK product, because our goal to establish liability, we try to restrict our responsibility in business, because when we speak about 80 business or we can say that users don't see for compliance procedure, but business companies, they need to follow and implement this in business process, because regulation system trying to restrict us and establish new rules which will control our business.
Punit 20:30
That makes sense. And I mean, from my perspective, I think I have the insights that I expected from you. And before I say thank you, I would really like to understand, how do you support your clients in the journey in terms of implementing the laws and so on? If you'd like to share something about that.
Valeriy 20:53
Yeah, thank you for questions, because I think when we work with our clients, we started our work with our deed and we try to find all breaches and all violations in business, because it's our responsibilities, and our lawyers spoke with clients, with owners, and try to analyze all legal documents with partners with Counter Party, because after this complex audit, we can research legal documents in company and provide legal strategy for development in company. Because, for example, when we work with companies, with digital agencies, with products at company, we try to understand all requirements for this business in international law, and after our review, we can give advice and legal solutions for implementing their business because without good research, we can make a decision about business process. But I know a lot of IT companies, they get about this approach, and they seem to use already legal solutions without research and this is misleading. This is a mistake, because when company can get penalties, lawyers will be responsible for this, because we need to avoid bad consequences for company and build strong legal system with agreements, with policies, with compliance procedure, which follow all requirements in countries and react for new challenges, for new changes in laws.
Punit 22:53
It does make sense. I think companies should not take legal matters simply or easily. They should do the due diligence and apply. And situation is that it depends what is the solution in context of a company, it's not always a generic solution that you can search on Google or Bing. So that's
Valeriy 23:14
Where due diligence, we can't make decision.
Punit 23:18
Exactly, and that's where due diligence from experts like you, me and others in legal or compliance domain helps, and with that, I would say it has been wonderful to be having your thoughts on these different matters. And if somebody wants to get in touch with you, what would be the best way to contact you
Valeriy 23:41
So, I can share my personal contacts and our websites because we described all services which we provide for our clients. For example, GPR compliance, EK compliance, we establish company in the USA and European countries. We provide tax advice and work with agreements in company. So, and we do a lot of work, and I think you can see this information on our website, and because we can share a lot of contents about our cases and about our success.
Punit 24:18
Sure, so with that, I would say, thank you so much for your time. It was wonderful to have you, and I wish you success in your business.
Valeriy 24:26
Thank you for having me. I appreciate it.
FIT4Privacy 24:30
Thanks for listening. If you liked the show, feel free to share it with a friend and write a review if you have already done so. Thank you so much. And if you did not like the show, don't bother and forget about it. Take care and stay safe. Fit4Privacy helps you to create a culture of privacy and manage risks by creating, defining and implementing a privacy strategy that includes delivering scenario-based training for your staff. We also help those who are looking to get. Certified in CIPPE, CIPM and CIPT through on demand courses that help you prepare and practice for certification exam. Want to know more, visit www.FIT4Privacy.com. That, www.FIT the number4 privacy.com, If you have questions or suggestions, drop an email at hello(@)fit4privacy.com, until next time.
Conclusion
As we continue to move deeper into the digital age, one thing is clear—trust doesn’t happen by accident. It’s built through transparency, accountability, and a commitment to doing things the right way. Compliance with privacy laws and regulations isn’t just about avoiding fines; it’s about protecting people’s data and giving them confidence in the businesses they interact with. Technology can make this easier, but it’s up to businesses to take the lead, stay informed, and be prepared for what’s next. At the end of the day, building trust is about more than just following rules—it’s about creating meaningful connections and showing customers that their privacy and security matter.
ABOUT THE GUEST

Valeriy Stalirov leads a legal team specializing in providing tailored legal solutions for IT companies involved in product development, outsourcing, and out staffing across various countries, including the USA, Canada, UK, Germany, and others. His team offers expertise in drafting contracts to regulate tasks, payments, and deadlines, ensuring compliance with bank, tax, and intellectual property laws. They also create Terms of Use and Privacy Policies for online platforms, perform GDPR/CCPA audits, and develop software licenses for product monetization. Valeriy’s team consults on international tax compliance, helps register IT companies in the USA and EU, and assists with shareholder agreements and due diligence for venture investments. Additionally, they resolve conflicts, negotiate disputes, and handle international arbitration claims.

Punit Bhatia is one of the leading privacy experts who works independently and has worked with professionals in over 30 countries. Punit works with business and privacy leaders to create an organization culture with high AI & privacy awareness and compliance as a business priority by creating and implementing a AI & privacy strategy and policy.
Punit is the author of books “Be Ready for GDPR” which was rated as the best GDPR Book, “AI & Privacy – How to Find Balance”, “Intro To GDPR”, and “Be an Effective DPO”. Punit is a global speaker who has spoken at over 50 global events. Punit is the creator and host of the FIT4PRIVACY Podcast. This podcast has been featured amongst top GDPR and privacy podcasts.
As a person, Punit is an avid thinker and believes in thinking, believing, and acting in line with one’s value to have joy in life. He has developed the philosophy named ‘ABC for joy of life’ which passionately shares. Punit is based out of Belgium, the heart of Europe.
For more information, please click here.
RESOURCES
Listen to the top ranked EU GDPR based privacy podcast...
EK Advisory BV
VAT BE0736566431
Proudly based in EU
Contact
-
Dinant, Belgium
-
hello(at)fit4privacy.com