Do-Si-Do – dancing with privacy: Trump and Cybersecurity

Dprivate-danceruring the current U.S. president’s administration, we have seen a tremendous effort in protecting digital assets and cybersecurity. Industry experts tend to feel that although the initiatives do not take us as far as we need to go, they have covered immense mileage. Will this change under the new administration? Experts disagree on the answer.

President-elect Trump’s website provides an overview of his initiative, namely launching cyber-offense. We must keep in mind that this website is pre-office and like many presidents, subject to change once reality hits. But let’s look closer at some hints we have at what might be coming or disappearing.

On his campaign website, Trump declares four points as his vision:

  • Order an immediate review of all U.S. cyber defenses and vulnerabilities, including critical infrastructure, by a Cyber Review Team of individuals from the military, law enforcement, and the private sector.
    • The Cyber Review Team will provide specific recommendations for safeguarding different entities with the best defense technologies tailored to the likely threats, and will followed up regularly at various Federal agencies and departments.
    • The Cyber Review Team will establish detailed protocols and mandatory cyber awareness training for all government employees while remaining current on evolving methods of cyber-attack.
  • Instruct the U.S. Department of Justice to create Joint Task Forces throughout the U.S. to coordinate Federal, State, and local law enforcement responses to cyber threats.
  • Order the Secretary of Defense and Chairman of the Joint Chiefs of Staff to provide recommendations for enhancing U.S. Cyber Command, with a focus on both offense and defense in the cyber domain.
  • Develop the offensive cyber capabilities we need to deter attacks by both state and non-state actors and, if necessary, to respond appropriately.

These are ambitious goals and he further elaborated on them in several speeches, such as the one he highlights on that page to the Retired American Warriors.

Cabinet choices: some of the individuals selected for cabinet positions (Attorney General and Director of the CIA) are causing a few concerns in the privacy world according to CNBC.

The president-elect’s selections for attorney general — Sen. Jeff Sessions, R-Ala. — and CIA director — Rep. Mike Pompeo R-Kan. — have argued publicly that the government needs greater surveillance powers.

McSherry said Pompeo poses a particularly worrying risk to American citizens’ privacy, as he has advocated for things like the routine mass collection and use of “social data” from third parties, like Facebook and Alphabet‘s Google. Pompeo has also called for Edward Snowden to be put to death, said Chris Calabrese, vice president for policy at the Center for Democracy and Technology.

In addition, Trump reportedly disagreed stringently with Apple’s refusal to help the FBI hack into a terrorist cell phone (you remember that story, right?). Supposedly, Trump called for a boycott of Apple products. Now we all have opinions on what was the right thing to do there, but I personally know few people who supported assisting the FBI (I opposed it and I am a diehard FBI fangirl). The issue is no matter how much we love the law enforcement of the USA, we also love the people of the USA and that includes all of their rights and responsibilities guaranteed under the Constitution. We can argue all day long what exactly that means, but if the arm of the government kept its fingers in the pies it should, there would be no problem with privacy. Unfortunately, the zeal for ferreting out bad guys seems to carry no counterweight with some law enforcement. And the history there is unden
iable.

But let’s get back to the Trump administration and cybersecurity.

He is openly supportive of the US launching offensive cyberattacks (as evidenced by his own statement provided above). Now, I am not a politician or policy-maker, but I see both good and bad there. I’d love to hear from true cyber-experts if that is the way to go. In most competitions, being strong defensively as well as offensively is highly advised. But will there be a system of checks and balances that draws a clear, uncrossable line? BEFORE there is real harm?

I, for one, truly hope that the new administration continues to build on the advancements made by the current administration. As a nation, we must protect ourselves; but as individuals, we must also protect ourselves and each other. We must avoid a mob-mentality and not give in to mass hysteria…unless a situation becomes so untenable that it takes a national uprising to protect our rights and wellbeing.

I am just not sure what direction that takes or what music it’s dancing to…

What I am sure of is that Trump thinks more in terms of business than politics. Given his recent meeting with Silicon Valley icons, my hope is that he will play ball – or as the title suggests  dance like a businessman (sorry, not sorry) and look for the greater partnerships, which just might be a good thing for us, our privacy rights, and our national cybersecurity efforts. We will have to watch carefully and quickstep if we see it going the other direction. I am afraid this is not one issue that can be stopped easily if it gains tremendous movement – and that can apply in either direction. So here’s to dancing in the right direction!

Advertisements

“I think I’m Doing Too Much”

I think I’m doing too much. My family had never heard me say those words. Never. And I don’t just mean my kids – my mom, everyone/no one. Those who know me might recognize that I am a hyper-personality, high spirited, too “damn” perky – pick your descriptor. I have always been busy. I started work at maybe 13, 14 years old. I know in one job, I lied about my age….could never get away with that now!

I never cared much for grades, so it is not that I was one of those over-achieving students. I wanted the knowledge, not the external recognition. Given that I generally scored in the top half percent of the top 1% of all those standardized tests, I was classified as a classic underachiever. You laugh now.

But I became too busy. Personally and professionally. privacy lawyer, silicon valley global med tech company check. BCRs (controller and processor – first ever dual application) check. HIPAA check. Emerging tech check. lawyer check. executive check. consulting check. blogging check. start writing a book (check, but leave unchecked that I finished it) – same with PhD  in dissertation phase for 3 years now. Check check check. Happily married finally. 2 amazing, accomplished daughters. Leadership roles in global professional organizations. volunteering with non-profits. great friends. good books. loving pets. awesome home. 150+ pairs of shoes. Mrs. Scottsdale America. Speaking on a variety of subjects to different audiences. teaching law classes. Mercedes AMG. money in savings. off most lupus meds. I even lost 30 pounds. checking all over the place. BUT….

– I was busy, but things were getting accomplished. Yet for the first time in my life – I was overwhelmed. I mean, hell – I survived things that killed others. I know I am lucky – and I give the praise to the God I trust and worship. But I was overwhelmed. Even my adult ADD wasn’t saving me this time.

I have learned that when you need to slow down, you either do it or you’re forced to do it. 

So I have slowed down. I am able to take stock of my goals and my 5 – 10 – 15 year plan. I kinda sorta had a plan, and executed it immaculately despite myself. I know what it important for me professionally and personally – and everything else. everything. is nonessential to my life.

Face the hard decisions. And face them head on with determination and consideration. Be brutally honest with yourself about what matters – and what is simply busy work, or chasing a dream that you thought you should have, or doing things that are expected of someone in your field. Focus on what matters. And yes, professional goals matter too. We spend most of our waking hours working (which can suck if you don’t do what you love), so don’t knock having professional goals and dreams.

Some of us may not be in a position to be choosy, but if it is at all possible – take a step towards being in a place to choose. One step at a time. My goal, growing up poor in Mississippi was 1) be able to walk into a superstop (quickie mart, 7/11, whatever the local corner store is) and buy a coke without having to balance my checkbook first and 2) go on a great vacation every year. #1 I can do. #2 – my definition of a great vacation seems to be morphing.

I’m still young (I tell people I am 74 and looks dayum good for my age), but I am 47 years old. I am young and in a field (privacy law) that is growing leaps and bounds. I know and love some amazing people, both personally and professionally, and I work for some phenomenal people/companies that I respect and hope to continue those relationships.

And I still need to finish that dissertation. this year.

So being too busy was my come to Jesus moment. And I survived it with some hits to the pocket book, ego, health, and personal matters. Maybe that is what it took. I do not ever want to say or feel those words again. I want to be in deliberate control of my life. Live with purpose.

 

Lights! Camera! Privacy! wuuuut

privacy-movie-cutWhat?? Movies about privacy? I mean, cutting edge, action-packed, thriller movies about privacy! Not since the Alfred Hitchcock horror classic Psycho where the poor girl’s privacy was blown to bits (or stabbed to bits) has privacy been so prevalent in movies. (and anyone who doesn’t think killing a naked woman in the shower for entertainment purposes is about privacy .. . define “naked”)

Jason Bourne. Silicon Valley, megabillions, internet start-up conspired with the CIA to build in back doors in exchange for funding and then only tried to stand up for privacy once the start-up Deep Dream made all their money. I make no judgments about their lack of reality with technology, just that to the masses, when the CEO tells the CIA director played by the amazing Tommy Lee Jones, “Privacy – you should be protecting it!” (or something like that, I was writing on a napkin in the dark, people) – it was stellar!

There was a party in my privacy geek genes.

And then! Then it really went crazy when I saw Now You See Me 2. First, I love this movie. Movies that keep me guessing…don’t happen often. This one did. LOVED IT. Not to mention the amazing cast of characters. plus magic. equaled MAGIC!! And again, about privacy. The wizard, no wait, magician – no, he wasn’t a magician, he was a paranoid spoiled illegitimately-claimed illegitimate son of a millionaire who wanted to steal a chip that provided back doors into everyone’s life. He wanted to be private. And he claimed that you cannot reform the system from within it (which has major philosophical implications for a later discussion).

But wheeeeee – the privacy geek genes are still partying!

 

 

 

ACC WITH: Global Women in Law

20160621_172608Tonight, a dream came true. A vision took form.

The Association of Corporate Counsel (the organization for in-house attorneys with about 40,000 members worldwide) launched their global initiative supporting women attorneys.

It all started with one question “Does the ACC offer programming for women?” The answer was no, but we should. And two years later, here we are. In the brilliant hands of Jennifer Chen, the Director of the ACC Foundation, this program has not only been put in place, it has grown wings.

It took a cadre of amazing ACC attorneys (Tracy Stanton, Jennifer Mailander, Katia Bloom, and many others) along with the ACC (Veta Richardson, Tori Payne, and also many others) to share the vision and take actionable steps to make it happen. Last October, we did a soft launch of WITH at the ACC Annual Meeting, where we held a breakfast with inspiring, accomplished women attorneys. We did surveys, wrote articles, developed toolkits, and spread the word.

That word resulted in honoring three women tonight who have truly forged the path and had a vision and a plan long before us: Irina Bokova, Director-General, UNESCO; Gloria Santona, Executive Vice President, General Counsel and Secretary, McDonald’s Corporation; and Charisse R. Lillie, Fellow and Vice President of Community Investment
Comcast Corporation, Executive Vice President, Comcast Foundation. The fabulous Sunny Hostin, Senior Legal Correspondent & Analyst, ABC News led the discussion, which touched on many key points – mentoring and having a sponsor for one’s career, situations in which they noted “this is what it means to be a woman in the legal field,” salary, plans, and advice. They held the room enthralled – about 200 attendees all nodded their heads in agreement and there were more than a few “yeah. Yeah!” heard around the room.

And this was after David Nabarro, Special Adviser to the United Nations Secretary-General on the 2030 Agenda for Sustainable Development and Climate Change inspired the room with his talk on the 17 goals in the 2030 Agenda – and how many are related to the empowerment of women.  Knowing that 193 countries are committed to seeing women empowered is simply incredible.

And the room was not just women. There were many men present as well – as it should be. Men are a critical component if women are to “live under the sky” (as opposed to breaking the glass ceiling in a few spots here and there).

We all hope to see this field equalized and celebrate the difference that women make. One thing Irina said really resonated with the audience. When a woman reaches a certain position or role, there are high expectations – people are watching. She must do an exceptional job and far surpass expectations. Yet men in the same role are only expected to do the job. They don’t need to surpass expectations, no one is “watching.” At some point, we – as women – want to be average. Let us simply do the job. Because we can. But it is really hard to always exceed expectations that are only set for one half of the profession. Hitting a metric that should not exist is simply unreasonable.

We are excited about our next steps. And we welcome you to the effort. We have a huge initiative in place with Diversity Lab and the onRamp  Fellowships. Caren Ulrich Stacy, the founder, is truly a giant among giants (I think I fell a little in love with her). Five corporate powers have signed on to her program to help women re-enter the legal workforce.

You know you want to be WITH us. Feel free to contact me or the ACC Foundation to learn more. http://www.acc-foundation.com/

 

 

Why Work in Privacy?

top 5Often, when asked what I do, the person is totally flummoxed when I respond that I am a privacy attorney. Sometimes, they will even ask – what does that mean? Well, if I said I was a contract attorney or a patent attorney, they would understand, right? It means I handle contracts or patents – or specifically in my case, I handle privacy.

Ah – that’s the problem, they don’t understand privacy. I mean, seriously, how do I find enough work to fill 40 hours a week?

Privacy is the concept that information about ourselves is only shared to individuals/companies  whom we want to know those things about us.

Simple, right? Not so much.

So why would anyone want to work in privacy? All day long, every day, the whole year, for decades, we fight a battle that few people ever see. It’s like starring in a vampire drama – there’s a fight happening in a world that most people don’t see and would not believe. And like vampires, we typically work in the dark, our emergencies happen at night, and we live off a critical element that is very personal to people….data. And to most of our colleagues, we’re the boogie men who come to steal your profits while you’re sleeping (or when you’re bad).

So why work in privacy?

My top five reasons:

  1. I’m such a geek rebel that I C# and bleed java. I am building a complete Padme parade dress costume for ComicCon. My UAV isn’t even registered. I speak in movie quotes. And Sheldon is my hero. Bazinga!
  2. Unlike most corporate attorneys, I may work for the company, but my job is to protect the little guy. I always did go for the underdog – I liked Tom Wopat not John Schneider and I preferred Larry Wilcox to Eric Estrada. I may look like a heartless corporate attorney, but really…I’m all squishy inside.
  3. The field is growing by leaps and bounds. Everywhere you turn, there is data being collected, used, shared, abused, lost, forgotten, manipulated, and more! Technology is getting smaller, stronger, and can  hold more data.
  4. The privacy field is a gender neutral one.  Perhaps because of the way it grew up, women tend to  have equal pay and leadership roles.
  5. My ADD (Attention Deficit Disorder) has free reign! I am  never bored; I can work on 46.3 projects at a time; and given how fast the field changes – if I don’t like something, it is likely to be different tomorrow.

Being a privacy professional is a calling for certain people and requires flexibility, rampant curiosity, thick skin, and a relentless gift for persuasion. If you don’t love it – don’t get in it. It is not a profession for those seeking glory or an easy desk job.

Stretch Yourself

stretch yourself

photo courtesy of Marc Scott 

What we think determines what happens to us, so if we want to change our lives, we need to stretch our minds. ~Wayne Dyer

Have you ever really thought about what it takes to stretch yourself? Physically, we understand this. But what about our minds, our dreams – a mind and a dream in motion stays in motion as well as a body does.

This wonderful blog by Ron Edmonson provides seven ways to stretch yourself as a leader:

  • Read something different from what you normally read.
  • Hang out with people not like you.
  • Move forward on something with uncertainty.
  • Attempt something you’ve never done.
  • Spend more time on opportunities than on problems.
  • Schedule and discipline time to dream.
  • Stay physically active.

When you consider each of the points, they apply to more than just being a leader. They apply to life. But go further – step outside your comfort zone and reach for something that is a little beyond your limits.

Professionally, reach for that dream job, but do so in a deliberate manner. Reach out to your heroes. I just read an article about a young entrepreneur who encourages her team members to do that – reach out. It’s only an email. It may be ignored and it may yield amazing results!

Personally, take a chance. Now, this doesn’t have to be take a chance with your life or your love – although it may turn out to be just that. Rock climbing is certainly dangerous, as is skydiving, driving a racecar, climbing Mount Everest – but if that is your dream, reach for it in a deliberate manner. Prepare yourself properly. In love, well, I met my husband online and we married within 6 months. 14 something years later – still going strong. And that was a chance for me as I survived two abusive marriages. I felt I was putting my life at risk to try for love one more time, but I stretched myself and had unfathomable results.

Stretch yourself. Reach for that dream – be in personally, professionally, or physically. With all things, prepare yourself properly. And it is scary, most things worth winning don’t feel really comfortable in the effort. Maybe you take baby steps – maybe you throw all in and dare the fates (not legal advice here!!), but challenge yourself to do one thing every day that stretches you in some way.

Every day. Read the news (that’s a stretch for me). Ask the janitor’s name. Give a flower to a stranger. Shake a cop’s hand. Let the other person go first at the 4-way stop. Little things.

Plan that dream vacation and determine how to get there. Apply for that once-in-a-lifetime job. Email your hero. Start that book – chapter 1.

If you want a raise or a promotion, talk to your boss and make a plan. Find out if you have opportunity where you are. Ask to be in on a big project. Identify an issue that needs to be addressed and formulate a plan. Never take a problem to your boss unless you have  a proposed solution as well. Try for a certification. Submit a panel for a conference proposal.  Sit at a table with people you don’t already know. Stretch yourself.

Reach for the moon and if you miss, you’ll still land among the stars!

Teachers gone Wild: Lifestyle Privacy

Many public sector employees are held to higher standards than the average person due to the nature of their position and their potential influence on other people. Should they be? Is this discrimination? Is the discrimination justifiable?

bad teacher

courtesy of sony pictures

At times, we see a morals clause used to address potential misbehavior. A morals clause is a contract provision, typically used in relation to public figures (athletes, acting, news and political personalities) that prohibits the employee engaging in certain acts. These disallowed acts may include inappropriate sexual acts or drug use, but can include requirements that the employee “dress neatly in public, to conduct himself according to the highest standards of honesty and sportsmanship, and to refrain from doing anything that would be detrimental to the best interests of the team or league” (for further information, please see this article).   Engaging in social media insults of one’s employer could fall within a morals clause, but would not be something the typical employee/employer would encounter – although it is becoming more common for executives.  This, however, completely aside from the National Labor Relations Board’s decisions and guidances on social media policies.

Additionally, there are still certain career fields in which the employees are seen to be role models to our youth. One example of this relates to the private lives of teachers (see this story on a kindergarten teacher fired for nude photos). Before the advent of social media, teachers’ private lives were more easily separated from their professional lives. While being subject to public scrutiny may not be new, having one’s personal life so easily available is relatively new, as is facing severe repercussions from them (and this does not acccount for the egregious phenomena of impersonators).  Courts have taken two avenues to evaluate whether a teacher’s private actions are subject to employer review: a public official view or a student-speech view (whether the speech would substantially interfere with the educational duty) (Miller 2011).

Miller states that “[t]here are basically four types of internet speech that could put at risk a teacher’s relationship with his or her school district: 1) befriending students on social media sites and communicating inappropriately with them, 2) criticizing the district, school, students, parents, or the community online, 3) posting what school districts may deem as inappropriate photos  or comments (usually things that are sexually explicit or that promote alcohol or drug use, and 4) commenting on political or social issues.”  Teachers may see more disciplinary action and control if their private-life postings are viewed from a perspective of being a public official and in a position of trust than if considered whether their posting substantially disrupt the educational duty.

The question that we face is “Is this right?” Is it okay to restrict a teacher’s private life because we feel that they should be held to a higher standard than other people? What about cops, firemen, nurses, doctors, lawyers, preachers, etc.? More specifically – or more generally, I guess – is it fair to hold anyone to a certain standard in their private life as long as the behavior is not illegal?

Which brings us to lifestyle laws (more appropriately called lifestyle anti-discrimination laws, but for the sake of brevity and ease of conversation, I will call them Lifestyle laws). Lifestyle laws prohibit discrimination against someone at work based on their personal lifestyle choices – and in most cases, this is directed towards risky health behaviors, such as smoking, as applied to health insurance premiums through one’s employer.  In many states plus the District of Columbia, employers are prohibited from banning employees from smoking off work premises. Plus, twelve states protect the use of any lawful product during non-work hours, such as alcohol or even unhealthy foods. Currently, only California (CAL. LAB. CODE § 96(k)), Colorado (COLO. REV. STAT § 24-34-402.5(1)), New York (N.Y. LAB. LAW § 201-d(2)), and North Dakota (N.D. CENT. CODE § 14-02.4-03) have comprehensive protection statutes that protect employees for any lawful activity outside work.

Not only do the various state laws differ in what behavior they protect, but courts interpret them differently. Once you mix in social media, it’s a circus out there! People should be free to do what they want to do within legal boundaries and laws should not be required to permit people to do so. Good googli moo.

Keep in mind that there are federal laws (Title VII of the Civil Rights Acts of 1964) against discrimination of protected classes and disabilities (Americans with Disabilities Act)- so lifestyle laws are in addition to any protection under these areas. Plus, in general, government employees are protected by equal protection and due process clauses of the federal constitution.

I leave you with this thought – are we as a society free to engage in lawful behavior even when it indirectly impacts others’ lives (such as higher health care costs)?