Lawyers and Business Consultants Team Up to Tackle Tough Privacy And Data Security Issues

Friday, September 7, 2018 - 15:54

 

Manatt’s incoming CEO, Donna Wilson, shares her holistic privacy and data security approach and promotes the power of a diverse team.

CCBJ: How did you come to your career in law, and what ultimately brought you to Manatt?

Donna Wilson: I grew up in South Jersey, outside of Philadelphia, and was not even close to coming from a family of lawyers. I received a full tuition scholarship to go to George Washington University in D.C. I put myself through school and started working in law for the first time at about age 19. I just loved it. I loved law firms, I loved lawyers and I felt right at home in that atmosphere.

After college, I spent three years as a legal assistant working for a major New York law firm that, at the time, had a program that paid for significant portions of your law school tuition, depending on whether or not they asked you back. I went to UVA for law school, then clerked for the late Stanley Brotman in the federal district court of New Jersey, followed by the late David Thompson, who was serving on the Ninth Circuit in San Diego.

So many things attracted me to Manatt. My team and I wanted to find a home where we could be individuals and yet be part of something bigger than ourselves. Manatt gave that to us and so much more. The mentorship, guidance and support my colleagues have provided to me and to my team is unparalleled. It’s a wonderful culture of inclusion where you can rise to whatever level. You’re not bound by your years out of law school, where you came from, what you did or what you have. It’s about looking at people not as cogs in a wheel but as individuals to be supported.

Obviously, the platform was a big plus for me as well. I come from a financial services and privacy and data security background. The platform of combining everything – from digital media, healthcare, entertainment and financial services to the unique blend that we have of business consulting and legal practice – was very appealing to me, especially now as you see an increasing convergence of business consulting and legal services in response to client needs. Indeed, our privacy and data security group uniquely offers clients services from both business consultants and lawyers, depending on what best suits the client’s needs.

The Daily Journal named you one of the top 20 cyber/artificial intelligence lawyers. Cyber, AI, privacy and data security are often all grouped together. What is your specialty?

My larger umbrella specialty is privacy and data security, but I run into issues of AI all the time.

The way I look at this, there are three buckets of work in the privacy and data security area. The first is proactive risk management and counseling; the second is incident response; and the third is litigation and government enforcement. I love doing all three for different reasons.

Risk management and counseling give me satisfaction in limiting risk for my clients, thinking ahead to spot an issue and using my body of experience to inform my guidance and counseling.

Incident response keeps most general counsel up at night, and for good reason. Given my background, particularly with respect to litigation, my team and I deliver strategic value surrounding litigation risk management in the incident response area. I always say that some of our biggest successes are the ones that you haven’t heard about.

Another of the things that drew me to Manatt is its strength and reputation in litigation and government enforcement, and when we need to, we deploy that quite effectively in the privacy and data security area in order to serve our clients strategically.

How do you approach data and privacy issues in light of what has been going on with Facebook?

Every year since I became involved in privacy and data security in 2008, I think it’s not possible to have any more headlines than we already do, or to have the pace of change or evolving issues and risks and exposures that we do. And every year, there is even more attention and it gets faster. Our clients strive to keep up, especially with what they face in terms of compliance costs, as well as liability and exposure, both of which seem to be coming from everywhere these days.

We preach taking a holistic approach to privacy and data security. Sometimes clients get a little tangled up, because there’s that technology aspect to it that lawyers often don't feel entirely comfortable with. But our view is that this is mainly the basic blocking and tackling that would apply to most risk management issues and programs. So we try to do that as a foundation and then approach the other pieces that make privacy and data security uniquely challenging to our clients.

How are you advising clients on General Data Protection Regulation (GDPR) compliance, and what are you expecting enforcement to look like?

GDPR is a totally different way of looking at privacy and data security than we’re used to in the United States. Our clients are making good faith efforts to comply and address both the spirit and letter of these new obligations.

Part of GDPR is due diligence regarding your own activities as well as those of business partners and vendors, and figuring out what’s being collected, from whom and how, and then moving from there. Frequently, clients will say, “That has no impact on me. Nothing we do touches GDPR.” After we have about a 10-minute conversation, 9 times out of 10, the answer is very different. The overriding assumption should not and cannot be that “GDPR doesn’t apply to me.”

What should our readers know about the recently passed California Consumer Privacy Act, the CCPA? How should they account for it?

The same basic guidance that we’ve given for GDPR applies to the CCPA. It is about knowing, in every corner of your organization, what information gathering you’re doing: what it is, what you’re doing with it and who you’re collecting it from, then asking, “Do I really need to do this or not? What’s the business case for these issues or this type of information?” Then going forward to comply as appropriate.

You were recruited to Manatt just five years ago and are now taking on a new role as CEO and managing partner, which might seem unusual to some. How did that come about?

I think that my election is a testament to the opening and welcoming atmosphere at Manatt, including integrating lateral partners. My team and I feel like we’ve been here always, and that is due directly to the support we’ve received from our colleagues and the thoughtfulness that went into establishing Manatt’s lateral partner integration program. Bill Quicksilver developed and implemented this program with the purpose of ensuring that lateral candidates succeed at the firm and blossom.

How has being not just a supporter but a member of the LGBTQ community shaped your career and influenced your leadership style and choices?

Being an openly gay woman is just one of many factors that make up who I am and what I do. I came from a very different socioeconomic background than most lawyers, and obviously, being a woman affects how I perceive the world. I also have the perspective of being a working mom – I have an amazing 13-year-old daughter – and dealing with the competing priorities of being in a dual-career couple.

But at the end of the day, I think it’s about being inclusive, creating and nurturing diverse and talented teams, and paying it forward. Any success I have had in my career has been due to a combination of people, including my colleagues and team members at Manatt, taking an interest and wanting me to succeed and mentoring me. I feel very strongly about taking the time to mentor and support my colleagues and team members in return.

What are your hopes for the future of the firm?

I expect that we will continue to provide excellent service to help clients anticipate challenges that may be approaching their industry, be proactive in understanding our clients’ needs and pressures, and adapt and evolve to make sure that our clients succeed in every way possible.

As for the considerable special talent that we have at this firm, I hope that everyone who’s at Manatt considers this the best professional and personal experience of their career.


Donna Wilson is the CEO and managing partner-elect of Manatt. Her extensive crisis and risk management experience coupled with her broad subject matter knowledge and precedent-setting litigation experience make her highly valued by in-house counsel, the C-suite and boards in preemptively mitigating risk and navigating risks that become full-blown exposure. Reach her at dlwilson@manatt.com.