What do you do?
My practice is largely advisory in nature, focusing on helping companies manage privacy risk to achieve their business goals. Over the past few years, I have become deeply involved in advising on cutting-edge issues arising from industry innovations and data collaborations. For instance, clients have been increasingly looking for thought leadership and guidance on privacy and ethical issues around the use of data in the context of artificial intelligence, as well as health and genetic research. I assist those companies with developing US and global strategies that maximise the use and sharing of data in a manner consistent with privacy and ethical considerations. I am also actively involved in assisting companies in highly regulated industries on their compliance strategies with new US state privacy laws.
I was fortunate enough to work at the firm with some amazing mentors and wonderful clients who inspired me to follow this path. As I got involved with leading-edge privacy projects, I became fascinated with this area of law and wanted to explore more.
What’s keeping you busy?
I’m helping a client develop a data governance program to support a new AI product. I’m also assisting several life sciences companies with commercialising innovative digital health and artificial intelligence businesses. This is on top of a steady stream of M&A activity, which continues to keep me very busy.
What mentors or other influential figures have helped you get where you are today?
It would be impossible to answer this question without first mentioning my colleague, Kurt Wimmer. We recently lost Kurt to his battle with cancer, which is a tremendous loss to the privacy community and our Covington family. Kurt was not only a terrific lawyer, but also modelled kindness and respect in his interactions with everyone. Other mentors include Judge H Blane Michael, Judge John Garrett Penn, and all of my former colleagues in Senator Tim Johnson’s office.
If you could change one data-related law, how and why would you change it?
I find the Fair Credit Reporting Act to be incredibly circular.
How has covid-19 affected what you do?
To a large extent, my practice hasn't changed. Just like last year, I’m tracking privacy law developments in Washington and other states, and I'm also continuing to help companies prepare for and come into compliance with the CPRA and, now, the new Virginia privacy law. But on the other hand, the Covid pandemic has given rise to new workstreams, including for companies innovating around research and public health. I've been engaged by clients across various industries to help develop new technology solutions in response to the Covid crisis.
What’s the next big thing – what data opportunities are companies now looking at?
I’m very interested in how the pandemic has accelerated certain trends, particularly around telemedicine and digital health.
What’s keeping companies worried at the moment – what are some key data risks?
I believe that some of the major risks are associated with the pace of legislative change in the privacy arena. Companies are trying to look around the corner on key developments, such as what to expect for regulation of sensitive data. Many clients also are concerned about challenges with cross-border transfers in light of last year's decision to invalidate the EU-US Privacy Shield in the Schrems II case. The lack of a unified regulatory regime between the EU and the US has led to substantial uncertainty for American companies seeking to transfer personal information from the EU to the US.
What do you do to relax?
I like to go running. I also like to go horseback riding.