Profile picture
Crypti-Calli @Iwillleavenow
, 19 tweets, 4 min read Read on Twitter
I figured it might be useful for me to do a quick thread on what a privacy lawyer is and what a privacy lawyer does (plus, I need to redline a contract later and procrastination and all that). So, we're off!
Privacy law is an interesting area. Not only is it tough to describe to non-lawyers and non-tech people, I frequently get this type of response from other lawyers as well:
First: privacy lawyers work A LOT with technology, but not exclusively. Tech pulls in a lot of information and is so pervasive, we deal with it a ton, but privacy extends to visual surveillance, non-digital documents, physical privacy, etc.
In addition, while there are some privacy lawyers that also can code, program, fix your device, hack, etc., many (HELLO) do not have those skills. If you're calling me to fix an IT problem, I have terrible news for you.
Privacy lawyers absolutely should be talking with technologists and engineers ALL. THE. TIME. A ton of them are great people, PLUS they will save your ass over and over by being able to explain to you how the stuff you are trying to safeguard physically and practically works.
When people ask what I do, I often start with the example that is in the news most frequently: I help deal with data breaches.
I'm at a law firm and have clients, so if they get hacked/lose data/have a tech gap/however else they might get breached, I help them address it.
We walk them through how to make sure the gap is sealed, look at what data was affected, tell them what notifications they legally have to make and other legal requirements, help draft those/make sure they get to the right authority and people, deal with fallout and PR, etc.
However, data breaches are fairly infrequent and though they're all-hands-on-deck when they happen, the vast majority of my job is other stuff.

Stuff like keeping track of privacy laws for our clients so we know what standards they have to meet/what they can and can't do.
Some countries and regions have wide-spread rules that are easier to track. The EU has established a baseline privacy law (the GDPR, praise and curse it) and each member-state must meet that standard, but implements it however it chooses (and can make their requirements tougher).
The U.S. is sectoral: there are federal laws in certain areas (HIPAA for medical information, COPPA for kids' information, etc.) and there are several requirements that differ by state (Illinois has fascinating biometric privacy laws, California has strong consumer protection).
Keeping up with all of these and making sure we can clearly and correctly explain to clients what they have to do for certain types of information or for certain consumers is a huge part of the job.
Another part of my job is drafting the Privacy Policies and Terms of Use that nobody reads (HOW DARE YOU, I WORKED SO HARD). These have to be structured in a very specific way - too simple and you're not being honest about use, too complex and it's unreadable and useless.
This balance is obviously very clear and easy to hit each time and I definitely don't do multiple drafts constantly while weeping into coffee.
We also help our clients track how they use data: what they collect and why, how they use it, how they store it, who they share it with, how they protect it, when they delete it, etc.

You should see the flowcharts. Glorious flowcharts.
In ensuring information is protected properly, I deal with a lot of contracts: making sure that vendors our clients use are protecting data, making sure we are allowed to share data and clients are aware, dealing with liability, indemnity, confidentiality, consent, etc.
Finally (and a lot of this is personal to me because of my privacy feelings and background at IAPP and the FTC), I try to do a lot of privacy advocacy and education. Privacy and tech can feel very intimidating and I want it to be accessible and interesting. I want people to care.
So I seek out and discuss new tech, data collection, new laws and terms, etc. and try to distill it where I can so people know how to control their data and demand better from companies and agencies misusing it. As part of that, please ask questions! I love talking about this.
If I'm not responding, either I missed it because my notifications are still messed up (SWEET GOD, WHY) or I am dealing with a work deadline. But ask again! Truly there aren't dumb questions - this is a massive and complex area of law and tech and it is constantly evolving.
Thanks for joining. Cover your webcams.
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Crypti-Calli
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

More from @Iwillleavenow see all

Profile picture
Morning, folks! There's been quite a bit of recent talk about facial recognition and I thought it might be helpful to do a thread laying out why some people (THIS GIRL) think it needs regulations, like, yesterday and what the issues are.
So, facial recognition has been a common thing in sci-fi for years. In concept, it is the ultimate crime-solving tool, ultimate security, identifies bad actors, etc. (unless you have one of those Mission Impossible masks).
In practice, facial recognition has been in development and in use for years at various levels. It's how Facebook guesses who should be tagged in photos you upload, it's used to unlock phones, it can be used to purchase goods in some parts of China. Amazon is an early developer.
Read 20 tweets
Profile picture
HOKAY, some thoughts.

1) Consumers often don’t know the actual privacy trade-offs of tech use (they’re hard to find, hidden, non-intuitive, and expanding)
2) Even when they do, they often don’t have meaningful alternatives that protect privacy better (cont.)
3) Even if they have BOTH, consumers frequently don’t have time/means/sophistication to research which options are best and shift
4) Even when they CAN, those options frequently cost more and consumers can’t always afford that

Stop pretending that tech use = privacy apathy
As if you can be a functional professional in the world now and NOT ever use wi-fi, social media, connected devices, etc.

Our only options shouldn't be "no privacy ever" or "Luddite."
Read 3 tweets

Related threads

Profile picture
#Thread #Histoire #Art #MichelAnge
La chapelle Sixtine, du nom de son concepteur le pape "sixte" IV, se trouve sur la colline du Vatican (en face des "7 collines de Rome") où, au 1er s, un cirque présentait des courses de chars et voyait des chrétiens persécutés (dont selon la tradition, l'apôtre Pierre lui-même).
Le neveu de Sixte IV, Jules II, était un pape guerrier, toujours prêt à partir se battre pour son territoire, ce qui lui valu les surnoms de "pape-soldat" ou encore "Jules César II". On dit "qu'il préférait les bruits de canons à la prière".
C'est lui qui engagea Michel-Ange.
Read 16 tweets
Profile picture
#THREAD
Gemalto has apologised for publishing erroneous report on Aadhaar data breach. But why would a world class firm mislead the people of India? What has Gemalto to gain from it? Does Gemalto has stakes in #Aadhaar? Lets see which journalist has the courage to report this.
To understand whats really going on you must first know the background of Gemalto and where it comes from, that would bring things into clear perspective. Then we would address the Aadhaar issue and how the People of India is being mislead by UIDAI.

Neville Pattinson Vice President, Government affairs at Gemalto is board member of Smart Card Alliance a RFID industry group, also serving US Department of Homeland Security's Data Privacy & Integrity Advisory Committee - inchanrge of various Govts biometric programs like Aadhaar
Read 20 tweets
Profile picture
[#THREAD] Bonsoir Twitter 👋🏼

Saviez vous que le réseau #TGV au départ de la gare de Paris Montparnasse est le seul à utiliser un type de TGV unique et actuellement au crépuscule de sa vie ? Le #TGVAtlantique ! 🚄

Entre records mondiaux et prouesses, focus 🔎.
Alors pourquoi avoir créé ce TGV Atlantique ?
Et bien il faut remonter en 1981 lors des débuts du TGV Sud Est entre Paris et Lyon. C’est à ce moment que François Mitterand, président d’alors annonce la mise en chantier de ce qui deviendra la LGV Atlantique 🌊🚄💨.
Objectif ? Mettre la façade Ouest du pays à moins de 3h de Paris et penser à l’export du TGV à l’international.
On charge alors @AlstomFrance et Francorail de développer un TGV avant gardiste sur le plan technologique, + puissant et plus + capacitaire que les rames Sud Est.
Read 18 tweets
Profile picture
#Thread: Rough translation on Rajini's recent statement on RMM activities.

I'd like to clarify the false rumors stating RMM works are happening without my permission. All activities regarding RMM are happening with my knowledge & permission.

#RajinikanthPoliticalRevolution
Already by last year May month, I said that "I won't allow people near me who have thoughts of getting posts & earning money when I enter politics. So, those people stay away right now."

#RajinikanthPoliticalRevolution #Thread #Rajinikanth
Didn't say it for word-sake. We are entering politics to bring out a new political culture for a good political change. If we've to do politics like others, why should we enter politics?

#RajinikanthPoliticalRevolution #Thread #Rajinikanth
Read 15 tweets
Profile picture
#Thread: Press Conference today regarding TheEastLight's recent events regarding the band's abuse and assault by Producer A and CEO KimChanghwan "B" (leader Lee Seokcheol) and his lawyer at Choyeongrae Hall
(181019)
Lee Seokcheol shares that both he and his brother, Lee Seunghyun have endured being beaten by Producer A

Lee Seokcheol shared that Kim Changhwan, their CEO, was aware of the situation and would watch the two of them be beaten up in the 5th floor studio
Seokcheol shares for the past 4 years, beginning in 2015, he and the members would be clubbed by a baseball bat, the abuse would occur everywhere within the company, studios, practice rooms
Read 37 tweets
Profile picture
Going to "FinTech Forward 2018"? Here is how to prep for the @CFTC's inaugural conference, to have better conversations while there by understanding what is going on in crypto today.

#thread
1/ What are you interested in? Some good topics are: RegTech, digital payments, neo-"gold standard", cryptography, smart-contract virtual machines...
2/ For "RegTech" (technology that enhances regulatory processes) and regular-"Reg": You could, for instance, read up on the new @GeminiDotCom Gemini-Dollar and learn about the 3 layers to their ERC20 smart-contract, designed to help with compliance.
Read 9 tweets

Trending hashtags

#manif #DataIntegration #chômage #FaceRecognition #TeamSNCF #NeoFaceReveal #surchauffe #FBI #CBS #MachineLearning #CommonDataModel #Grèce #October18ReleaseNotes #webcomics #GoLive #Levothyrox #CDS #Sabarimala #England #Mercer #MacronLeaks #GM #austérité #Guccifer2 #MSDyn365FO

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member and get exclusive features!

Premium member ($30.00/year)

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!