Maria (Boux) Morganti Avatar

The Diary of a digital Journey

Category: Compliance

  • Redefining Tech with Ethics: “Whoever writes the code dictates the rules.”

    Redefining Tech with Ethics: “Whoever writes the code dictates the rules.”

    At the inaugural FPS2025 summit, one of the most captivating conversations centered on the intersection of artificial intelligence (AI), privacy, and the ethical implications of technology.

    Meredith Whittaker, President of Signal and a vocal advocate for tech accountability, engaged in a thought-provoking discussion with Matteo Flora, the most expert on AI and digital reputation in Italy and probably one of the most prominent at global level. Their conversation, which took place in L’Aquila, Italy, highlighted critical issues in the tech industry today — from the dangers of surveillance capitalism to the ethical dilemmas of AI deployment

    I decided to dedicate this post to this interview, that I found incredibly important and yet not seen / heard enough.

    The Code Dictates the Rules: Who’s Behind AI?

    A central theme of the conversation was the idea that “whoever writes the code dictates the rules.” Whittaker emphasized the profound implications this has for our society.

    With the rise of AI, we are seeing unprecedented scales of power being concentrated in the hands of a few tech giants who not only control vast amounts of data but also influence societal norms and political landscapes.

    AI, she explained, is not magic but simply sophisticated code executed on powerful hardware platforms. However, these systems are often built on biased data, reflecting the interests of a small group of corporations with a profit-driven agenda. Whittaker raised concerns about the monopolization of AI development, highlighting how only a handful of companies own the infrastructure and the data that train these systems. This creates a dangerous asymmetry in power, as these companies dictate the narrative surrounding AI, often casting it as a superhuman force that society should revere.

    The Ethics of AI and Data Collection

    One of the most pressing issues discussed was surveillance capitalism—the business model that underpins much of the tech industry. Whittaker contrasted this model with the mission of Signal, which is to provide a secure, private communication platform that respects user privacy. She pointed out that the current tech landscape, where personal data is collected and monetized, is not designed with the user’s best interest in mind.

    Signal, as a nonprofit organization, faces the challenge of maintaining its privacy-first model in an industry that thrives on data exploitation. Running such a platform at scale costs millions of dollars annually, and Whittaker explained that if Signal were a for-profit company, it would inevitably face pressure from investors to compromise its privacy standards for the sake of profit. This is why Signal must remain independent of the profit-driven business models that dominate the tech industry.

    The Global Impact of Privacy

    Throughout the conversation, the global implications of tech and privacy were a recurring theme. Whittaker discussed the importance of cross-border communication and how platforms like Signal empower people worldwide to connect securely. Unlike nationalized versions of tech products, which would be restricted by jurisdictional boundaries, Signal’s universal design ensures that it works seamlessly for people across different countries and cultures.

    In addition to tech’s global reach, Whittaker also emphasized how AI can contribute to the homogenization of culture, creating a risk of losing linguistic diversity and cultural richness. She cautioned against the dangers of AI reflecting only the narrow perspectives of a few dominant cultures, particularly those in Silicon Valley, and warned that this could stifle creativity and unique ways of thinking.

    Basically the message is: “Most – all – digital large global platforms are designed to collect user data, making it nearly impossible to build similarly large, stable, and user-friendly platforms without relying on data-driven ROI. The very basic infrastructure is nearly impossible to build without huge investment”

    Building a Better Future with Tech

    Despite the challenges and ethical quandaries, Whittaker remains optimistic about the potential for change. She advocates for innovating the business models behind tech, suggesting that true innovation lies not just in new technologies but in rethinking how these technologies are funded and distributed. She sees a future where privacy and fairness are not afterthoughts but foundational principles.

    The conversation at FPS2025 ended with a call for a societal shift. Whittaker urged policymakers to adopt regulations that challenge the current business models and protect individual rights in the face of rapidly advancing technology.

    She also urged the European Parliament to embrace a more equitable tech ecosystem, one that does not succumb to the dominant narratives set by large corporations but instead fosters a digital environment that works for everyone.
    Especially now that the UE signed a letter with 44 European CEOs asking the EU to pause the AI Act for two years, it is the time to rethink the legislation and make it suitable for innovating while ensuring parity and equal rights.

    The Bottom Line: Tech for Good

    Whittaker’s reflections underscore the importance of ethical tech in the modern world. As AI continues to reshape our societies, the conversation about who controls the code and how that power is used has never been more crucial.

    Through platforms like Signal, Whittaker and her team are pushing back against the status quo, demonstrating that it is possible to build technology that prioritizes privacy and fairness over profit. The challenge, however, remains: will we as a society allow this vision to flourish, or will we continue to let surveillance capitalism dictate the rules?

    In the end, Whittaker’s message is clear: the future of tech must be inclusive, transparent, and accountable. It’s up to us — the users, the builders, and the policymakers — to decide how we want that future to look.

  • A Guide to Ensuring Compliance with Privacy Laws

    Always more companies operating in different countries and regions will rely to many websites and online visibility spaces. The era where 1 company = 1 corporate website it over in my opinion. Of course we should differentiate. The corporate pages are more than ever needed to provide a consistency image across the organisation, to centralize the traffic from the most important stakeholders and to express a unified and interconnected image of the company and its products.

    This does not mean we should close our eyes on the local growing needs of different windows, especially when it comes to digital. The Stakeholders approached by a corporate website might not be the same as the one you can address with another kid of language and content. And both are valid and correctly representing the company. It is like to say if you have a Instagram channel, you don’t need an X Account. As a company you might need to have them both, as you speak different content across the two channels and to different audience.

    Let’s talk about Stakeholder-based Digital Communication

    I talked about the importance of Corporate Identity for the success of a global digital marketing and how much having Corporate Guidelines is fundamental for the success of global projects. However, we can not underestimate the various differences based on local customs. Some cultures want to watch videos and they should short and fast, better if simple. Other countries where people interact with strong opinions love debates and write huge comments below each posts creating real conversations that go beyond the initial post. More reflecting population might like to read a lot before convincing about one product or solution, for them books are even better than digital channels!

    This is why, thinking that an organisation could survive with only one website is asynchronous, and we should accept the reality of having to manage different web spaces, as marketing / digital leader. That doesn’t mean we should underestimate the workload and resources needed to deal with this.

    While customization is key, maintaining a consistent brand voice and messaging across various digital platforms is equally important. Consistency builds trust and reinforces your organization’s values. Always ensure that the digital communication strategy aligns with your brand identity while adapting to the unique characteristics of each platform.

    No matter if locally or centrally managed, each local website or so-called “microsite” have the same requirements when we talk about security and compliance.

    the ever-evolving digital landscape, safeguarding user privacy has become a paramount concern for businesses worldwide. As the digital ecosystem continues to expand, so do the regulations governing the collection, processing, and storage of user data. In this blog post, we’ll explore key steps to ensure compliance with applicable privacy laws, providing a Roadmap for businesses to navigate this complex terrain responsibly.

    Understanding Applicable Privacy Laws

    The first crucial step in maintaining a privacy-conscious approach is to thoroughly research and understand the privacy framework that applies to your target audience. Different countries have enacted various privacy laws to protect user data, such as the General Data Protection Regulation (GDPR) in Europe, the California Consumer Privacy Act (CCPA) in California, and the Lei Geral de Proteção de Dados (LGPD) in Brazil. Recognizing the specific laws that pertain to your users is essential for building a robust privacy strategy.

    Clear Privacy Policies

    Once you’ve identified the applicable privacy laws, it’s time to craft and maintain a clear and concise privacy policy in accordance with local regulations. This document should transparently outline how user data is collected, processed, and stored. Accessibility is key, so ensure that your privacy policy is easily available on your website. A well-drafted privacy policy not only demonstrates your commitment to user privacy but also serves as a crucial point of reference for your users.

    Consent Mechanism

    Implementing explicit consent mechanisms is a fundamental aspect of privacy compliance. Clearly articulate the purpose of data collection and obtain user consent before processing any personal information. Make these consent mechanisms user-friendly and ensure that users have the option to opt-in or opt-out easily. By prioritizing transparency and user choice, businesses can establish a foundation of trust with their user base.

    Collect Only Necessary Data

    In the age of data-driven decision-making, it’s tempting to collect as much information as possible. However, privacy compliance requires a more discerning approach. Limit data collection to what is strictly necessary for the intended purpose. Avoid the temptation to gather excessive or irrelevant information from users, as this not only helps maintain compliance but also fosters a sense of trust and credibility with your audience.

    In conclusion, as technology continues to reshape our digital experiences, prioritizing user privacy is non-negotiable. By understanding and adhering to applicable privacy laws, crafting clear privacy policies, implementing robust consent mechanisms, and collecting only necessary data, businesses can navigate the intricate web of privacy compliance successfully. In doing so, they not only protect their users but also build a foundation of trust that can drive long-term success in the ever-evolving digital landscape.