The story of how I came to the data field is not very romantic, but more pragmatic. A partner of mine was originally involved in the data field at our firm, mainly due to his daily work with bank institutions which, due to belonging to a highly regulated sector, are always the first to comply with any upcoming regulations. Since I was handling IT matters and co-leading this practice – which is very much linked to data protection – we both thought that it was a good idea for me to head the data privacy and data protection practice.
If I have to highlight an aspect of my career, I would say that since the beginning and up to now I always wanted to put the law near my clients, meaning that my aim has always been to try to make concepts available and easy to understand, even when regulations might seem complicated. Therefore, my main focus has been to help clients navigate through the difficulties present in regulations for them to be able to achieve their commercial goals, helping foreign and local companies to conduct internal audits to understand their degree of compliance with data law and remedy their flaws, understanding clients’ complex cross border and other data flows and advising them on compliance with data laws, among others.
I think one of the biggest challenges is the fact that our data law dates back to 2000 and is not very clear in many aspects but, still, contains many of the main principles of the most modern data protection regulations such as the GDPR.
While our Data Protection Authority provides guidelines for some scenarios, there are many other cases where we do not have guidelines nor case law, so it is not uncommon that we resort to the European Data Protection Board’s guidelines to interpret our own regulations.
There are currently three bills that intend to replace our data law and align it with the principles of the world’s most modern regulations, but this does not seem to be a priority in our country for the moment.
To respond to this challenge, we continually review our internal policies and adapt them looking not only to local standards but also to the world’s most modern regulations. Luckily these offer a lot more detail than local ones and, besides, the guidelines of the former Article 29 Working Party or the current European Data Protection Board and the precedents of other data protection authorities are always very helpful.
Emerging trends I’m following closely include: Increasing cybersecurity risks; bias and liability in AI; safe and responsible use of data and its co-relationship with more sustainable companies; developments in intermediaries liability with a focus in marketplaces and social media; NFTs and IP, privacy and e-commerce in the metaverse. I follow these trends as many of them develop and grow quickly in Europe or the US, but arrive to our part of the world sooner than later. We need to be updated to work shoulder-to-shoulder with our clients.
I tend to think that data lawyers offer different and interesting perspectives irrespective of their gender. I have a group of colleagues with whom we like to discuss different topics and I find that each one of us, no matter our gender, enriches the point of view of the others. The same happens in my team, that I co-lead with my partner Emilio Beccar Varela, where lawyers from different genders contribute with different perspectives irrespective of their gender.
However, there might be an example of how gender gave me a different perspective on a data protection issue. During the pandemic, our clients began to process great amounts of sensitive health data of their employees that they had not previously needed to process. Perhaps due to the sensitivity of the female gender, I always approached the advice to our clients with a great focus on the privacy of the employees, compared to others who focused on the company's need to collect that information. I want to emphasise that neither position is better than the other, and both had legal bases.
A decade ago, at least in Argentina, not many women were involved in the data field. However, this has changed a lot and nowadays, and mostly after the entry into application of GDPR, many women dedicate most of their work time to the data privacy practice, many as in house lawyers but also many in law firms. I expect that this will continue to grow.
I would recommend that aspiring data lawyers and professionals be curious, read as much as they can from many different sources, to take each work assignment as an opportunity to learn something new, to participate in forums, to be speakers at conferences, to raise their voices for those things in which they believe and to try to gather with colleagues and discuss data topics which I consider a great way of achieving continued learning and expanding one’s own point of view.