Today, Anthony was joined by Vivienne Artz for a fascinating episode of his “Privacy in The New World” series. Vivienne is the Chief Privacy Officer at Refinitiv. She is also Treasurer on the Executive Board of the IAPP and has been the President of ‘Women in Banking & Finance’ since 2017.
Anthony Brown: [00:00:01] Hello there. I’m Anthony Brown, and I’m very pleased to welcome you to a another episode of my privacy and Data Talks podcast. Today, I’m delighted to have a very, very special guest with me. I have Vivienne Artz from Refinitiv. She is Refinitiv’s Chief Privacy Officer. As many of you listening and watching will know, Vivienne’s been recognized as a thought leader in privacy in the community for well over a decade, alongside her role as CPO at Refinitiv, she also somehow manages to cram in being the President of the Women in Banking and Finance since 2017 and is also the Treasurer. Treasurer, I should say on the Executive Board at the IAPP and as if that isn’t enough. Very recently, Vivienne was awarded the 2020 Women’s Solicitor of the Year award at the Law Society’s Excellence Awards. So I’m not sure how you fit all this in, Vivienne, but absolutely fair play. Good morning. And how are you?
Vivienne Artz: [00:01:10] I’m fine, actually, I’m delighted to be here, thank you so much, Anthony, for inviting me to speak today. I’ll just shift a little bit to the left and you see that little curly thing that’s actually the woman solicitor of the Year award from the Law Society. So I have it behind me, which is great. I also forgive my distraction, but I also have to hand Brutus. So COVID 19 means that you need to take a special interest in all things related to the home. And my daughter rescued Brutus the pigeon when he fell out of his nest. He’s a late bloomer who was born in October, which is ridiculous. And anyway, he needed rescuing because his nest was blown out the tree. And so we’re hand raising Brutus the pigeon. So I get to look after him during the day while she is at school. So anyway, lots of distractions and things going on.
Anthony Brown: [00:02:02] Quite a fine specimen, if I may say Vivienne. So let’s add that to the list, shall we? In and amongst all of these, you know, very important roles that you’re you’re in the middle of. You also caring for a pigeon as well. So hats off. Hats off to you. But no, I’ve never had a pigeon on the show and I’m sure I never will. So it’s great to meet Brutus. It’s even better. I say to to have you on the show and thank you so much for your time in advance. And obviously again, for anyone that knows you, Vivienne will know that you’ve been, you know, central to the privacy community for many years, and you’ve spent 17 years at Citibank as the General Counsel Managing Director focused on privacy during your time there. So I mean, it’s a little difficult to know where to start today in terms of questions for you. But perhaps I wanted to take you back if I can, maybe to the very start of your career and maybe get a glimpse, some insight into you. You know how it all began for you and I guess specifically in there as well. What really drew you towards privacy? You know, in the early days which privacy looks quite different than it does today, perhaps.
Vivienne Artz: [00:03:20] Oh, fantastic. Yes. Well, I think it’s good to start at the beginning, isn’t it? Well, when I started off, when I eventually decided on a career in law, it certainly wasn’t in relation to privacy because it wasn’t really much of a feature at all. And I wanted to do something that was modern and that was interesting and that was going to evolve. And so I decided I was going to be a technology lawyer. And that was my passion was to be a technology lawyer and as a technology lawyer, one of the things that popped up as a newly qualified lawyer was the European Directive on Data Protection in 1995. And as a junior lawyer, you get to do everything. And as there was no department to deal with privacy, it kind of fell to the tech lawyers because it had the word data in it. Data protection, therefore the techie people to know something about it. And so it fell to us in the technology legal team to do a presentation for our clients to understand what is this new directive and what does it mean for us? Of course, remember that in the UK we’ve had data protection since 1984. We have the Data Protection Act and this was obviously the European directive that really made for an absolute sea change in this area and move things forward at quite a pace. So I was commissioned as a junior to prepare part of the presentation for our clients and so I read about data protection and I thought, Oh my goodness, I couldn’t imagine anything more bureaucratic and cumbersome and artificial than the EU Directive. I just felt, you know, just it was so process driven. And I just it didn’t. I have to say it did not resonate. And so there were a couple of people who are dead enthusiastic on on data protection. I thought I’d leave it to them and I’d continue along the technology line. So I ignored data protection and I moved forward on technology and pursuing my career. I moved three different law firms actually before I went in house and I went in house to Citibank, absolutely thrilled to be head of technology legal there, and was looking forward to focusing on an electronic trading systems and all things data related and data protection ended up in my lap and I was like, Oh my goodness, so where did this come from? But there was nowhere else for it to go. And as a technology lawyer, really, it says data in the name, so it ought to sit with you. So data protection came and sat with me together with all of the commercial stuff. And so I found I had to find somebody to do data protection. At the moment, there was nobody but me, so I, I embraced it reluctantly.
Anthony Brown: [00:06:00] So it’s been sort of in what year would you say there’s sort of been around
Vivienne Artz: [00:06:04] Approximately about 2000,
Anthony Brown: [00:06:05] Right? Ok, wow.
Vivienne Artz: [00:06:07] It’s about 2000. And. So, yeah, because we would all be interested in the millennium bug, haven’t we? That was far more exciting than data protection. And we all managed to get through the new year without a bug occurring. I did. I did not volunteer to do the all nighter and have nothing to drink. I actually celebrated the millennium in style. The last thing you’re going to want and need as a lawyer, but the techies deal with this one. So yes, and then, you know, part of my role was to join all these industry bodies. So I try to find somebody who would pick up on the privacy side. And then I joined a couple of the industry bodies to represent Citibank, and I joined LIBOR, which was the London Investment Banking Association. It’s now asked me and I joined the BBA. And then there are surrounded by all these experts who were looking at data protection and but they were looking at it from a completely different lens. They were looking at data protection from a policy perspective and from an advocacy perspective, and suddenly my interest was piqued. And it wasn’t about the compliance than the operationalisation it was actually about. What does this mean? What is the impact for the business? Is this good or bad? And how do we influence change? And suddenly this rebirth of actually this is really interesting and if I put and I refer to it as having a privacy lens, if I put my privacy glasses on and look at the world through the privacy lens, it it’s actually very different and it’s fascinating, uniquely fascinating. So I decided that was it. I’m going to embrace data protection, and frankly, I’ve never looked back. It was the best thing I ever did. And now I’m the Chief Privacy Officer at Refinitiv, and it’s hugely exciting. And what makes it so exciting is that it has both a personal and professional impact. So data protection applies to businesses and it applies to individuals and it applies to society. And the thing I love about it as well is that it? Brings in themes which are philosophical, ethical as well as business related, and it touches every aspect of our lives. And then the other part of it, which was a tremendous opportunity that I had at Citibank, was to realize that it went well beyond the UK. It was multi-jurisdictional. So obviously in 2000 it was, you know, a handful, probably 30 or 40 countries that had data protection legislation. Now, two thirds of the world has data protection legislation. But the international impact and opportunity was clear. So that was my journey to data protection.
Anthony Brown: [00:08:46] Wow. Fantastic. So. And I just wanted to note as well, actually, I know that for as long as I specialised in this area myself as well, which is quite a few years as well, maybe not as many as you, but I’ve always recognized you. I think you’ve been very vocal and have been banging the drum for for privacy ethics for many, many years. You know, in some regards, it’s quite a new thing for some businesses. Even, you know, the largest businesses in the world have only really sort of started taking it really seriously over the last two or three years. But you obviously it’s in your core. It’s perhaps what pique your interest at the very outset of your career. And I guess ultimately, you know, it’s great to have people like you around who really, really care. I think something we had a chat Vivienne a couple of weeks ago, and I’ll just remind you, and it ties in quite nicely. I think with your your story of how you got into privacy. And we were talking about the current landscape, i.e. working from home as most people have been doing for most of this year, something that I’ve become really aware of through my work over the last few weeks and months. From speaking to perhaps the more, you know, junior or mid-level privacy pros, it’s become quite apparent in many cases that they are missing out on having mentorship sponsors, you know, that sort of day to day ability to really, you know, just go and have a quick coffee with a manager or a quick chat here and there to to really get those insights are really important when someone’s cultivating a career. And I do feel for these individuals and I’ve been sort of racking my brain about how things will develop in that way. We don’t want to lose some really great potential. So hopefully I’d like to shine a light on this over the course of time. But anyway, my question for you is at the early parts of your career, were you fortunate enough? Do you think to have some good mentors around you and how important do you think they are?
Vivienne Artz: [00:10:50] Well, it’s interesting, isn’t it? Maybe it’s a bit dating in that I didn’t actually have any formal mentors in the early part of of my career at all. But I think I would have benefited from them enormously. But on reflection, I would say that I had unofficial mentors and people I looked up to. And again, if you if I reflect back, I think about a couple of people who sort of, you know, took me to one side and said, You know, you’ve got great potential here, but you could be more effective if or, you know, have you thought about doing this instead? And they weren’t official mentors in the way that we now have setting up a mentoring program where you agree objectives with your mentor and you have a structure around it and so on and so forth. But I did have some unofficial mentors, and I think almost more importantly is I did have some unofficial sponsors as well. So those were in the whole mostly fantastic men who were in the room where I wasn’t particularly at a level or two above me who could speak up to talk about what I doing as being important about myself, as, you know, talents that needed to be nurtured and who could advocate for not only me as a as an individual and an employee, but also for the work that I was doing so hugely important. I think COVID 19 does impose some unique constraints on us, so in some ways it’s quite easy to get on to a Zoom you don’t have to run around to meetings, you don’t have to travel, you can connect digitally all the time. It does lead to perhaps a level of ease and communication and certainly has led to some interesting insights into people’s lives. I mean, you can see my study has got red walls. Who would have thought I can see that you have a fascinating picture behind you. You’ve changed it today. What happened to what happened to the map thing that we saw the other day?
Anthony Brown: [00:12:44] Well, actually, this this is all the way from Vietnam, actually this this picture. So when when myself and my wife got married, we got married two years ago, we’d been together actually 15 years this year. So we left it late. We did everything back to front. We’ve got two children and we went on a long honeymoon during the summer of 2018 and we went to Asia and we took the children with us and we wanted to have, you know, took the opportunity to show the kids to different side of the world and, you know, different insights. So where better we thought, let’s go to Asia. So we took them to, we took them to Thailand and to Vietnam, and with this was actually purchased on a boat trip that we went on. And yeah, there was loads of them anyway. Amelie, my daughter, just fell in love with the monkey and in fact, we had to go back. We had to go backwards on a boat, which wasn’t normal protocol to go and get the monkey. So he’s come a long way. And here he is, you know, sort of listening in and along with Brutus the Pigeon.
Vivienne Artz: [00:13:46] So it’s going to say, at least you’ve got one that’s in picture form that isn’t get a chat, but if you can hear the squeaking, I’m afraid that’s Brutus. He’s got views and what I’m saying. Yeah. In terms of that connectivity piece it, I think it is a challenge, but it is essential and particularly in the fast evolving world of privacy. When you think about why we have privacy laws and where it comes from being able to leverage the expertise of those who have been doing it for a long time, to get that context, to understand why the laws are proposed, the way in which they are, why they are different between jurisdictions is really important. And you can’t necessarily all of get get all of that from book learning. But one of the things that I found helped me enormously. Apart from when you’re just buried in your work and you don’t get much of a chance to network is to actually join the IAPP. Now, granted, I’m a board of directors person on the IAPP, but I have been a faithful supporter of the IAPP since it started and it is the professional network for privacy people. And it isn’t about privacy lawyers, it’s about everyone in the privacy community. Whether you’re compliance, risk, whether you’re a vendor, whether you’re a customer, whether you’re starting out or whether you’re very senior and they hold a number of events, particularly the knowledge events where any IAPP member can rock up and network and those who of course, now digital as well. So I think it is challenging.
Anthony Brown: [00:15:18] So sorry to interrupt on that note on the IAPP as well. I mean, back when I decided that I wanted to focus on on privacy from an executive search perspective, I, you know, I’m really so grateful looking back because I went to to a couple of conferences through the IAPP and everyone was very welcoming. You got a real sense of community straightaway. I think things are really starting to bubble and become very exciting in the privacy world at that point. And you know, and then I’ve consistently gone to the conferences, obviously, unfortunately, we couldn’t this year, but they are they are superb. So anyone listening to this who isn’t involved with the IAPP isn’t a member. Have a chat with your manager, you know, to try and pull some strings because I’m sure you’ll find the community 1, superb. But the insights and the knowledge that you have access to is superb. So yes, sorry to interrupt you there.
Vivienne Artz: [00:16:12] No, no. And it was just to say it again as a as a community do leverage that, particularly in COVID, because there’s lots of virtual communities out there as well, and you need and you needn’t be alone. And certainly, I think, connecting with your peer group, I always find the most valuable thing to do in privacy is actually to talk it out because it can be very complex and very challenging. And at the moment, we’re inundated with guidance, aren’t we? So we’ve just got the new standard contractual clauses, as well as the guidance to different forms of document from the EU on Schrems to I mean, it’s an absolute deluge at the moment, and it’s it’s hard work actually working your way through all of that and then distilling what does it mean in practice? And I find actually talking it through with colleagues at other firms and internally is is invaluable. And you can send a check and you know, more mines together actually do better work. So find some friends and go for it.
Anthony Brown: [00:17:11] Absolutely. In terms of the privacy landscape, I guess it’s it’s matured as we know, as we’ve discussed over the last few years. I mean, how can you give us a sense of how different it is to say maybe not as far back as 2000? I don’t know. I mean, it’s up to you how far back you go, but even say, 10 years, you know how different, you know, in terms of the size of the community, the interest levels?
Vivienne Artz: [00:17:35] Well, it’s interesting, isn’t it? You know, if I do throw my mind back and I think about privacy events that we used to go to, there were like 30 to 50 of us. If you went to the last IAPP conference in Washington, there were over 4000 people there. Just incredible. I mean, that just gives you a sense of the scope and scale. And I remember, you know, the first conference I ever went to was the one that Stuart Dresner ran, and Stuart’s been doing privacy for many, many years. And, you know, privacy laws and business has been a mainstay and certainly has. I think what appeals to lawyers, particularly a very academic focus, he has a practical focus as well, but he’s also very interested in the cutting edge practical side of things, and it’s lovely to see privacy laws and business continuing in that vein. But, you know, when I started, privacy was some security people, some risk people, but predominantly lawyers. It was something that fell to lawyers because it was like, Oh, it’s a privacy law. So let’s get a lawyer to understand it. Because let’s face it, it doesn’t seem to fit particularly well with anything else, either. So let’s just leave it to the lawyers. And I think the thing that has changed enormously is that with the GDPR, it’s become very clear that you can’t just have lawyers doing privacy. It doesn’t work that way. Lawyers are terrific for advisory and also potentially for advocacy and for policies and escalations and all of that and all of those layer things But when it comes to operationalisation, embedding privacy, creating a culture, I think actually other skill sets are needed and I’ve been very deliberate. For example, when I’ve been building out the team at Refinitiv is to have lawyers and non-lawyers because there’s things that the lawyers are outstanding at and we may as well get the lawyers to do the things that they’re brilliant at. And then there’s other things that are compliance and operations team can do better than anyone else. And so why not have the relevant professionals associated with that? And I think that’s that’s quite interesting is to see how how it has changed over the years and how more people have now joined the privacy sector and found their home in different aspects of privacy because there are so many different aspects of it. And my tagline really for my team is about, you know, creating a privacy culture. And so what we say to the business is privacy is the new normal and you keep saying it, you’ll eventually believe it. It is the new normal. There is not much that we do where we’re not having to think about a privacy issue, particularly in relation to COVID 19. You know, when we first reacted to COVID 19, we set up a an executive team to address the immediate issues of moving to a virtual operating environment and who had a seat at the table for privacy straight away because of the people elements, because of the data element, because of the health element. It was just so fundamentally important. So it’s interesting to see that. Journey, you know, started as lawyers in a very, very small group, and we have matured enormously over time, and there’s a place for all sorts of different skills at the privacy table.
Anthony Brown: [00:21:00] Absolutely. I couldn’t agree more and certainly again from the time that I specialized in this area. The change, you know, it’s been subtle as things usually are in life. But actually, if you look now compared to some of the conversations I was having five six years ago with privacy professionals and hiring, you know, companies, there was a real disconnect or people didn’t really know what they were looking for. And then then everyone starts saying, we’ve got to have a lawyer. And then and then, you know, the non-lawyers that I was talking to were getting frustrated because they could do this job. And but I think things are settling down a bit. And I think your your insight, your your, you know, your way of doing things, having that blend of legal and operational is is the way forward. I mean, this is increasingly what businesses are doing. So I know another thing, another feather in your cap. If you like Vivienne or something you’ve you’ve somehow managed to juggle throughout your career is that you’ve been quite vocal about being a gender champion, you know, for women and and and obviously you’ve been president of the women in banking finance for the last few years. And I know something of interest. It’s always interested me actually the gender balance across the privacy community. Do you think? I mean, how has it changed? Do you think is it the same as it was 10 years ago? Or have you seen a significant change in the balance of gender within privacy?
Vivienne Artz: [00:22:27] I think it’s an interesting question, has it changed? I think there’s always been a lot of women involved in privacy, but what’s interesting is I don’t think we’ve got the data to actually measure the change over sort of, say, 10 or 15 years. I think it’s something that the IAPP is now focusing on is actually diversity and inclusion. They have a specific work stream on that. And in fact, they launched a a group. In fact, a number of groups which are affinity related. So gender and BAME and other areas as well, which is quite interesting. But I suppose what I could do is just reflect on what I can see. And what I can see is that there have always been a lot of women in privacy. Maybe that’s because of the nature of the subject. But what we are also seeing is that there doesn’t appear to be a reduction in the number of women in senior roles. So Andrea Jelinek, for example, is chair of the European Data Protection Board. We are lucky to have Elizabeth Denham as our UK ICO, and she is regarded internationally as being an incredible thought leader. And the previous chair of the Article 29 working party, as it was, was also woman in Hong Kong. The new privacy regulator is also a woman. I know privacy regulators in Africa who are women, so it’s interesting to see that at the highest level of privacy and in some of the most important roles that shape policy that is being led by women but there are equally obviously a huge number of men, but there is not an obvious minority of women that I can see. But I do think we need to consciously run the data on this so that we can measure the trends. And if we do see a shift in what appears to be an area where there is real equality of opportunity of the sexes to excel, to make sure that that doesn’t change going forward, because I think it’s one of the things that defines privacy and makes it so comfortable. And such a collegiate environment, shall I say, is that there is such an excellent balance and mix of people, both in terms of gender and age and ethnicity and other measures as well. So I just when I look around at the privacy community, it is it’s very diverse. But I would also say it’s very inclusive. It’s it’s a very welcoming community and having worked in financial services, I’ve straddled different sectors and you know, they each have their own particular culture. And I have to say, you know, the privacy sector is one where I really enjoy working because the people are great. And I think we’ve done a tremendous job in terms of preserving that balance, which is so important.
Anthony Brown: [00:25:16] Absolutely. So if you were talking to perhaps, you know, somebody in education or a fledgling privacy pro, maybe somebody who’s just, you know, finished a degree considering a career in privacy, by the way, privacy or privacy, I mixed up what I said. I noticed you like privacy. Some people say privacy. Where do you stand on that?
Vivienne Artz: [00:25:38] And I think if you’re from the UK, you would say privacy. And if you’re from the US, you’d say privacy. So I have said privacy for many years because I worked in an American bank and now now that I’m working at Refinitiv and seem to be part of London Stock Exchange Group, I have suddenly had to change my my language to privacy. So I’m glad you could pick me up on that one, actually, because now I’m doing well. I’ve been trying to practice privacy rather than privacy.
Anthony Brown: [00:26:02] Yeah, its interesting isn’t it? And I perhaps because, you know, I do, you know, like, you know, like yourself and speak to people around the world. And, you know, I guess you’re sometimes a chameleon, you know, adapt to who you’re speaking to. So it’s interesting. Interesting. So glad I asked you that. I think that’s going to be another podcast question for for future guests as well to get their take on that. So, so where were we? So yeah, so you’re talking to somebody who’s just starting their career or making the decision, perhaps as a lawyer or no lawyer, they want to know which route to go down, and they’re considering privacy as a career. What what would you say to them at the moment about that?
Vivienne Artz: [00:26:42] I would have to say to go for it. I think it is absolutely the new vista. So if you if you think back to like 30 years, how many companies had big technology departments? I remember when I was, you know, at work, temping when I was at university, there was like two or three computers. And I remember going downstairs into the basement actually go and input the stuff on the Wang computer if you can cast your mind so far back. And now, one of the biggest departments for many firms is technology. And even if you’re an SME, you don’t store your stuff on paper, you store it on a laptop and you probably connect it to the cloud. So everybody is embracing technology and even. If you’re doing a DIY, it’s a feature of your business, and once your business reaches any size, you’ve got a technology department, and I do believe that that is the way that firms are going to be going in the future. At the moment, large firms have privacy departments or individuals and professionals, and I think that we’re going to increasingly see that SMEs need to as well, not just because there’s a legal requirement to have a data protection officer, but because we all deal in data to a greater or lesser extent. And actually, we’ve got to embrace the challenges and opportunities around how we use data responsibly and legally. So I think it sort of goes back to that point question you were asking a little bit earlier around use of data, and it’s not a question the ethical piece, you know, the ethical piece isn’t about whether you can, it’s about whether you should. There’s so much that we can do that there is the ability to do, but actually, should we do it? And that’s the ethical question. So what are what are the requirements? What is your thought process when you’re thinking about what should you do? So I think it’s a it’s a tremendous career move, not least of all, because there are so many different aspects of privacy, as we’ve discussed. You can do the operational side, you can do the policy side, you can do the advocacy side, you can do the legal side, you can do the technical side. You know, there’s this tremendous growth now in the operationalisation of privacy, leveraging tools to do, you know, reporting and tracking and assurance and auditing and engagement and training and so on and so forth. So the opportunities are large. And then the other thing is is I love privacy because it’s so horizontal. So you can do this in the private sector. You could do this in the public sector. You can do this in large organizations. You can do this in small organizations. You can do this for organizations that sell cigarettes or that, you know, save the rainforest, whatever. You can do it in financial services or you can do it in social media. It’s it’s I think there’s an opportunity for everybody, and the horizontal impact means that it is exciting and it is evolving all the time. So I think if you’re looking for something more boring, maybe don’t bother. I think people used to think privacy was boring. I don’t think it’s boring at all. I think you’ve got to be pretty nimble and agile and inquisitive and open to change. And then I think you find yourself a fantastic career.
Anthony Brown: [00:29:57] Absolutely. Well, hopefully there’s some some of the before mentioned, you know, areas of the population listening to this and and and maybe you’ve just sold them. Vivienne, I’m sold. So is there any specific tips that you would perhaps give them at this stage as well? You know, is there a route to go down or certain, you know, knowledge base to tap into or,
Vivienne Artz: [00:30:23] I think, one of the new frontiers for privacy. It’s been tapped into a little bit, but not hugely as education and a lot of schools. We do education around cyber or safety online, but I don’t think that we’ve really embraced privacy protections and rights within the educational sector. And I think that that’s certainly a new frontier for society to be thinking about how we bring this home and educate people from the earliest stages. A lot of a lot of our privacy issues arise because we’ve not paid attention to the evolution of technology and uses of data and so on and so forth. And you know, as is often said, the law is catching up with practice and seeking to change practice. And I think increasing that awareness and sense of self responsibility by individuals from the earliest stage, I think will help us as a society to better manage our privacy responsibilities and our rights and make sure that we’re living in an environment where data is continues to be treated responsibly and in a way in which we we want it to be. I think if you’re if you’re interested in privacy, you’ve got to be open and inquisitive. What’s really interesting about it is that it’s not just about innovation, but it’s also about solving the problems of legacy issues. We’ve all got legacy stuff, old ways of doing things, old technology as well. So it isn’t just about new and cutting edge and artificial intelligence and things like that. It’s also about the day to day and the stuff that we’re carrying with us from the past. So I think that’s an interesting area. And then the other one, which I think is growing in terms of a specific area of expertise, is privacy and employment law. You know, it is, it is quite distinct. So I think there’s a whole new branch that’s growing in that space. But if you want to be if you want to be successful in Privacy be inquisitive and be collaborative, it’s a team sport, and I think there’s there’s a long way to go on this. There’s lots of interesting things to do.
Anthony Brown: [00:32:38] Indeed, indeed. And obviously, you know, the times we’re living through at the moment are just off the scale as we know the world’s fast forwarded in rapid speed over the last few months. And and this has brought about so many new challenges. As we know, just looking forward, what do you think is the biggest privacy challenge on the horizon? Is there one that you can identify? I know it’s been a busy week, as she said. There’s been lots going on. There’s new rules and regs coming in, but is there anything on the horizon that people should be looking out for.
Vivienne Artz: [00:33:13] It’s interesting. I think I think it’s to do with international transfers. That is the big issue that is testing us at the moment is how do we continue to protect data when actually it transcends jurisdictional boundaries. So the way in which we think about our law and the way in which we think about privacy is subject to law. We’re always thinking in the sort of geographical box, but actually the way in which data is used and accessed and shared and stored and tends to transcend those boundaries and how we maintain the protections for data but still allow business to access it and for it to flow the way it needs to flow in order to be useful is, I think the big frontier and what we’re seeing is an increasing amount of localisation taking place, a view that data sovereignty is the way we should be going and we should be holding data, restricting its movement, restricting its access. And I query whether that is the approach we should be taking and what we should be doing is it’s perhaps better managing the purposes for which data can be used rather than restricting the flow of data and the purposes piece then speaks to the concerns, doesn’t it? The concerns are around misuse of data, so it isn’t the fact that data is in various places. It’s the fact that the purposes for which it’s being used are ones that don’t sit well with people and perhaps that that’s what we should be looking toward. But in the global world in which we live, it’s going to be data transfers and exacerbated by the virtual operating environment in which we now exist. Because the data isn’t in the office is it. The data is accessible by all of us at home, and it’s amazing how many people have now chosen to move to different places and operate in an even more remote manner. And so data security as an issue, data confidentiality is also an issue. So it’s all about the movement of data. In my view.
Anthony Brown: [00:35:18] Okay, excellent. Thank you, Vivienne. And finally, I think, you know, regular listeners will know I always, always end pretty much with this question. It’s a bit of a an insight and a bit of fun. But what do you enjoy most about being a Chief Privacy Officer? What’s what makes you leap out of bed and say, I’m going to go and have another day of this?
Vivienne Artz: [00:35:43] I think what really inspires me and what I really love about it is I have the ability to make a real difference, a real difference for the customers of the firm where I work, but also for society. So what we do, even at the firm impacts society and to be able to have the opportunity to change the world or to be part of that change in the world in which we live is a responsibility, but it’s utterly invigorating as well. So, for example, the UK is currently consulting on the National Data Strategy. Well, a huge piece of that is around privacy. So to have the opportunity to contribute your thoughts and experience to how the UK is going to shape its strategy going forward is so exciting. The EU has been undergoing a similar exercise as well. So I think one of the fascinating things about privacy and why I love it is because, as I said, it’s horizontal. It touches every aspect of our lives, both personal and professional. And to have the ability to work in and to influence and to make a difference in that, you know what could be more exciting? I’m doing something that is purpose driven and that is meaningful. So that’s that’s why I enjoy being a CPO is because it’s it’s not just about what we do in our firm, it’s what we do as our place in the world.
Anthony Brown: [00:37:09] Absolutely. And what more could you want, I guess, you know, feeling that you’re making a positive impact and involved at centre of change all the time, you’ve certainly come a long way since those early privacy days Vivienne and I just want to thank you so much for a fascinating talk today, I hope our listeners and viewers really take some, some real insight away with them, I’m sure they will. So thank you. Listeners, viewers, if you’ve enjoyed this episode, please share, comment, like, subscribe. But Vivienne, thank you so much again. Have a wonderful day and we will speak very soon. Thank you so much.
Vivienne Artz: [00:37:55] Thank you very much for inviting me. Thank you, everyone. Bye bye. Yes. Bye bye.
