This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Recapping the Inaugural DataGrail Summit

DeAndrea Salvador, September 27, 2023

What is DataGrail Summit?

On September 20th, 2023 we kicked off the inaugural DataGrail Summit, bringing together security, legal, and privacy experts for a one-day event dedicated to exploring the latest trends in data privacy, AI, and cross-department collaboration. In this recap, we’ll dive into the event’s highlights, key themes, and top takeaways that made it a unique and valuable experience.

Missed the live event? Don’t worry! You can catch up on all the insightful sessions and presentations by visiting the DataGrail Summit Hub to access on-demand recordings.

DataGrail Summit 2023 was more than just a meeting of minds; legal, security, and privacy leaders came together in dynamic dialogue. With industry trailblazers like Alex Stamos (Former Chief Security Officer, Facebook), Julie Bornstein (Former COO, Stitch Fix), Alyssa Harvey Dawson (Chief Legal Officer, HubSpot), and more sharing their perspectives, the Summit buzzed with a wide spectrum of insights and discussions. While we touched on a myriad of topics, we’re zooming in on three standout themes for this recap: the transformative might of AI, the magic of cross-department collaboration, and the evolving story of data privacy and personalization. So, buckle up as we navigate these highlights from our action-packed day!

Theme 1 – Privacy and AI

The transformative power of AI continues to reshape industries, especially within the realms of retail and B2C sectors. The Summit’s panels unpacked the vast potential and inherent challenges of AI, including how to use it to enhance customer experiences with personalized algorithms and approaches to address the concerns of data misuse.

Alex Stamos, former Chief Security Officer of Facebook and now director of the Stanford Internet Observatory and Co-founder of Krebs Stamos Group, brought to the fore some hard-hitting truths about AI. He emphasized the nuanced balance between leveraging AI for business growth and ensuring ethical data practices. Drawing from his hands-on experience with tech giants, Stamos highlighted the real-world implications of AI on information security. He stressed the importance of being proactive, not just in technology adoption but also in understanding the ripple effects it creates in the realms of data privacy and ethical considerations. He shared, “Many companies are going to have shadow IT where they are using generative AI without anyone knowing.” This insight underscores the urgency and importance of maintaining visibility and governance over AI initiatives within organizations.

One significant takeaway from Stamos was the need for a unified approach. As AI systems grow more intricate, collaboration between security leaders, policy makers, and legal experts becomes paramount. It’s not just about harnessing the power of AI, but doing so responsibly, ensuring that the strides in technology also reflect a commitment to user privacy and ethical considerations.

👉 Further reading: Generative AI and Privacy

Theme 2 – Cross-Department Collaboration

In today’s complex business landscape, collaboration across departments is no longer just a recommendation—it’s a necessity. This became evident during the Summit as discussions unraveled the intricate interplay between legal, security, and privacy teams.

JJ Bollozos (Chief Privacy Officer, Thomson Reuters), Alyssa Harvey Dawson (Chief Legal Officer, HubSpot), and Kevin Paige (CISO, Uptycs) emphasized the importance of cross-departmental collaboration. 

Alyssa Harvey Dawson touched on the essence of privacy, remarking, “It’s about our ability to have control over our information.” This sentiment underlined the critical importance of trust, which can only be built when there is clear communication and a shared sense of responsibility across teams.

Kevin Paige honed in on the data security aspect, challenging organizations with the question, “At the end of the day, are you doing the right thing to protect information?”

It became clear that for effective collaboration, three pillars are indispensable:

  • Clear Communication: This ensures that all departments are aligned in their objectives, reducing potential conflicts and fostering a unified approach.
  • Shared Responsibility: Privacy and security are not the sole domain of one department. It’s a collective effort that requires input and expertise from various teams.
  • Role of Technology: Leveraging technology can greatly enhance collaboration, be it through shared platforms, collaborative tools, or systems that facilitate seamless information exchange.

Takeaways and Actionable Insights

Raising the Bar with Cyberrules for SEC: The forthcoming cyberrules for the SEC are a clear indicator of the need for organizations to elevate their standards, spotlighting the importance of privacy and advocating for the requisite investments in resources.

Dive Deeper than Legalities: Beyond legal terms lies the realm of real-world implications. Understand why privacy and security are pivotal, not just from a regulatory perspective but from a standpoint of business value and trust.

Harness Technology for Collaboration: With the myriad of tools available today, organizations are empowered to break down silos. Embracing technology can foster collaboration and ensure all teams are on the same page.

In conclusion, for organizations to truly thrive in this domain, they must champion clear communication, uphold a sense of shared responsibility, and utilize technology to bolster collaboration between legal, security, and privacy teams.

👉 Further reading: Your General Counsel and CISO Must Align on Privacy

Theme 3 – Uncovering What’s Next

The evolving landscape of data privacy offers both exciting possibilities and new challenges. The Summit delved deep into what lies ahead, particularly at the intersection of AI-driven personalization and privacy.

The “Flywheel of Trust” session showcased the balance businesses must strike between offering personalized experiences and ensuring data privacy. Julie Bornstein (Former COO, Stitch Fix), pointed out the importance of collecting data to enhance user experiences. However, she emphasized, “The amount of data you collect requires trust. If you ask a question that seeks to collect data for a better experience, you better provide that better experience.” This sentiment was echoed by Jess Hertz (General Counsel, Shopify), who highlighted the promise of the internet: “It’s the original promise of the internet – that data and technology can serve things that are different and relevant to users.”

Later, our CEO, Daniel Barber, chimed in on the broader implications of AI in shaping personalized experiences. “We want people to use AI – it’s advancing the way we do work. BUT we need to ensure we have the right safeguards,” he shared, emphasizing the balance between innovation and privacy.

Takeaways and Actionable Insights

Elevate Personalization Responsibly: Businesses stand to gain significantly from personalized experiences. But this personalization should be grounded in trust, transparency, and ethical data practices.

Harness AI’s Potential: AI’s ability to offer tailored experiences is unmatched. However, companies must ensure they implement AI ethically, balancing innovation with data privacy concerns.

Open Communication is Key: As businesses dive deeper into personalization, they must ensure they communicate clearly with consumers about how their data is used, offering them choices and control.


The DataGrail Summit fostered meaningful conversations and provided actionable insights into the intricate world of data privacy, AI, and cross-department collaboration. These areas are intrinsically linked and that organizations must adapt and collaborate to successfully navigate this landscape.

📽️ To revisit the invaluable sessions and presentations, head over to the DataGrail Summit Hub for on-demand access.

Stay informed about upcoming DataGrail events, webinars, and updates by following DataGrail on LinkedIn and subscribing to our newsletter. Don’t miss out on the opportunity to stay ahead in the ever-evolving world of data privacy and collaboration.

subscribe to GrailMail

Like what you see?

Get data privacy updates sent straight to your inbox.