I came to the data field in a way that I expect is becoming more common for lawyers these days, which is through practising in the area of telecommunications, media and technology.
Prior to joining my current firm as a partner in 2017, I was the general counsel at the Australian Department of Communications and the Arts (as it was then known). While I was there, data and privacy issues were increasingly impacting all the areas that we provided policy advice to the Australian government on, whether it was the involvement of foreign communications companies in the rollout of telecommunications infrastructure, the increasing collection and use of data by technology companies or even in relation to the protection of government data by ICT service providers.
The trend has been even more apparent since I have returned to private practice. It is almost impossible to provide advice to clients in these areas without considering data issues, whether related to collection, use or sharing of data or also, increasingly, the protection of data.
When I started my career, I hadn’t thought that this would be a focus area of my practice – but it has been and it is certainly an interesting and dynamic area.
One key highlight was working in the Department of Communications and the Arts. Being involved in policymaking within government was an amazing experience, and definitely something that I would recommend to do to any lawyers interested in a career in data. Although of course it is great to work with clients in helping them achieve their goals within Australia’s legal and regulatory frameworks, it is also fascinating to help work on the development of those laws and regulations.
Another more recent highlight has been working with clients in the recent development and implementation of Australia’s mandatory news media and digital platforms bargaining code. That code was put in place as a result of the great work of the Australian Competition and Consumer Commission (ACCC) in its digital platforms inquiry, which was groundbreaking in a regulatory sense in Australia in recognising the intersection between competition, consumer protection and privacy.
The deals that have been entered into by the digital platforms, Google and Meta, with Australian media companies under the umbrella of that code have the potential to provide significant support for the Australian media sector, through the support of news production.
Among the challenges we face as a law firm, protecting our own ICT systems to make sure that we deliver the security that our clients expect for the data that they trust us with. I’m glad to say that we have risen to this challenge due to the fantastic work of our own ICT team!
But more importantly, as a firm, we need to make sure that we are in a position to provide advice to clients on issues that they care about and to ensure that we are able to protect their interests. This means that we need to be at the forefront of understanding the regulatory environment and upcoming changes that may be implemented, as well as ensuring that we understand real world technology changes that may impact on the data practices of our clients, and how they may more effectively use their data. This needs to be considered on a global basis, given cross-border data flows. It is certainly a challenge to keep up to date on these issues!
An emerging trend I’m following closely is increasing regulation in the area of data in Australia. At about the time I am responding to these questions, the ACCC is putting the finishing touches on a discussion paper (due for release at the beginning of March 2022) for further regulation of digital platforms and the collection and use of the vast troves of data that those platforms collect from Australians. The Australian government is also consulting on amendments to the Privacy Act to ensure that it is fit for purpose in the digital age – based on the consultation to date, it appears likely that this will mean further regulation regarding the data practices of all public and private sector entities that are subject to the Privacy Act. These reforms may see very fundamental changes in the way personal information is managed in Australia.
But the government is not only focused on regulating to restrict data practices. We are also seeing the government seek to regulate to allow for greater use of public sector data through its Data Availability and Transparency Bill, which is making its way through the Australian Parliament. If that bill is passed, it would allow greater sharing and use of public sector data – though within strict constraints.
So, what we have is really two opposing waves: on the one hand, more data collection and increasingly innovative uses of that data, particularly in relation to emerging AI applications and the like, and on the other hand, an increasing amount of regulation. I think we are a long way from achieving the right equilibrium – data (both personal and business/sensitive data) needs to be adequately protected by regulation, but in a way that does not stymie the appropriate and safe use of that data by governments and businesses. It will take some time to achieve the right balance, which is an issue that jurisdictions around the world are also grappling with.
I think the data field has changed for everyone in the last decade, not just female professionals. It has been such an exciting time with the development of new uses of data to provide better services and products for businesses and consumers, whether it is the ability of apps to predict travel times and show alternative routes to work to consumers or the use of big data to assist health professionals in the detection and management of illness. This has also come with a recognition that (even absent regulation) data must be managed appropriately – including for example personal data, where collection and usage practices are a focus for individuals.
Traditionally, and probably even now to a certain extent, the ICT and the start-up sectors in Australia, where data issues have been most important, have been dominated by men. However, more and more women are involved in these areas, whether in established businesses, as entrepreneurs and of course in the advisory sector.
It is difficult to make generalisations but the more diverse the workforce in any sector, the greater the number of differing views that are taken into consideration in decision making – in a whole range of different areas, both internal and client-facing. The increase in diversity in these sectors in Australia has therefore certainly helped not only to open doors for more women to make an impact through their work but also, I believe, helped develop businesses.
A piece of advice I would give aspiring data lawyers and professionals is: understand technology! I cannot stress this enough. It is almost impossible to properly advise clients on data issues, whether it is in relation to regulatory compliance, procurement of services or the negotiation of transactions, unless you have an understanding of the relevant technology that is involved – whether it relates to data collection, use, sharing or storing that data.
I would also recommend considering time working either within government or in a regulator. As more and more laws and regulations are implemented governing data management, an understanding of government and regulator processes is invaluable in the work of a lawyer.