Insights
Happy Data Privacy Day from the BCLP Global Privacy & Security Team
Jan 28, 2022Happy Data Privacy Day! The BCLP Global Data Privacy & Security team wanted to approach things a bit differently this year. We continue to grow as a team domestically and globally and have been excited to support numerous cross-border and cross-functional projects. We have not, however, had as many opportunities as we had hoped to meet with clients or each other over the course of the year. So this year, we wanted to reintroduce you to the global team. A number of us on the team provided a bit of background about how we landed in privacy, why we enjoy it, and offer a key piece of advice for 2022. We hope you enjoy and will look forward to seeing and working with each other in 2022 to tackle all things privacy and security.
Meet the Team!
Amy de La Lama
I stumbled into privacy as an associate nearly 18 years ago. I had an amazing mentor who was a trailblazer in privacy and really supported my career development. It was a just a natural fit for me. All these years later, I love the dynamic nature of the practice and the global reach of the work we do, as well as the amazing clients I have met along the way (many of whom I now call friends). I get to work with clients and colleagues all over the world and am constantly challenged. 2022 is the year to focus time and resources on upgrading privacy programs to absorb and adapt to new laws in a consolidated and programmatic manner. We, as external counsel, must be laser-focused on providing practical, business-friendly advice to help privacy teams combat privacy fatigue and identify risks and priorities that are most relevant to their organization.
Christian Auty
I became a data privacy lawyer after I agreed to look at something called HIPAA during an internal investigation I was working on as an associate. The rest is history. I enjoy data privacy because to understand a client’s data is to understand the client at a fundamental level. You constantly learn new things and you get to be very close to operational decision making, both of which are fun and interesting.
Data maps will be very important in 2022. They are not fun or exciting but are the backbone of every well-developed privacy program. They will also now be required in the US (in addition to Europe) when the new state privacy laws take effect in 2023.
Geraldine Scali
As a junior IP/IT/Communication law associate in Paris in the early 2000’s, when data privacy was not as big as it is today, all the data privacy/CNIL questions were coming to my desk. I seemed to be the only one who enjoyed working on this topic. When I decided to leave France and move to London in 2011, privacy was becoming a thing (cookie consent was the hot topic back then) and firms in London were starting to have dedicated data privacy teams. I took the bet to focus my practice 100% on data privacy. It was in August 2011….3 months later, the first draft of the GDPR was leaked so my bet paid off. I enjoy that privacy is an exciting and diverse field that is constantly evolving, with regular bombshell developments and challenges.
Ethics, public trust, transparency and consent will be key concepts in 2022, whether it is in the context of the upcoming revamp of the UK data privacy regime, for example, or more generally in the privacy and technology area with data being at the heart of innovation.
Dominik Weiss
I became a privacy lawyer through counselling clients on website projects. It was impossible not to advise on data privacy! I enjoy privacy because it is challenging and rewarding to help clients navigate a rapidly evolving legal environment. You often deal with novel situations for which no case law or guidance exists. The work also demands that you keep up with the latest innovations in the technology sector.
In 2022, we will see more enforcement actions across Europe related to international data transfers. Clients should not bury their heads in the sand, but rather take appropriate steps toward compliance with the requirements of the Schrems II ruling in particular. With ransomware attacks on the rise, the implementation of adequate preventive measures and cybersecurity strategies also remain critical issues for companies.
Goli Mahdavi
I became a privacy lawyer when a long-time litigation client needed privacy advice. After dipping my toe into the privacy pond, there was no turning back.I enjoy privacy law because it has allowed me to stay up-to-date on technology, so I have a fighting chance at keeping up with my kids when they are older.At the risk of being cliché, I enjoy collaborating with clients to help them design and implement solutions that work for their particular business.
2022 is shaping up to be a transformative year for privacy programs big and small. Companies should not delay in taking the first steps toward putting together a strategy for compliance.
Andrea Rastelli
As a first year associate, I was tasked with understanding Gramm Leach Bliley and counseling banks and Fintechs on privacy compliance and security breaches. I really enjoyed working in the privacy field and gravitated to privacy work over other types of work. It was then that I expanded my practice to work with all types of companies in need of privacy compliance counseling. Practicing data privacy is much like solving an ever-changing puzzle. I enjoy the constant challenge and the innovative nature of practicing in this field.
As new technologies, such as Artificial Intelligence, continue to be developed against a backdrop of increasing regulation and enforcement, privacy will become an ever more crucial component that must be considered at every step of the product development process.
Gabrielle Harwell
I became a privacy lawyer because of sheer luck and good timing. I have continued practicing data privacy law because data privacy law can change with one tweet – every day brings something new.
In 2022, companies should keep an eye on SEC enforcement actions related to data breaches and tailor their practices accordingly. Companies are being held to stricter standards than the legal requirements would suggest.
Related Practice Areas
-
Data Privacy & Security