How Axiom Attorney Dina Helps Companies Navigate the Changing Privacy Landscape
July 2019
By
Axiom Law
“Axiom lawyers have a really broad array of interests. It’s an interesting mix of people who are drawn to this legal disruptor,” says Toronto-based attorney Dina. A specialist in privacy law, Dina joined Axiom because she was interested in our flexible model of employment, as well as the opportunity to work with a wide variety of clients, including Fortune 500 companies and fast-growing startups. A novelist and a runner in addition to an attorney, Dina brings her extensive experience in privacy, data governance, and data security to her work with Axiom’s clients.
A studious beginning
Dina grew up in a small town in New Brunswick, the youngest of five daughters of a Ghanaian father and Canadian mother. Of her family she says, “We’ve always loved to study and always been very academic, so my love of learning started very early. I had a very supportive, close family. We focused a lot on academics and how to achieve our best.”
Her parents also fostered her creative side, and when she went to college Dina found she was drawn to both law and writing. To further nurture her creative skills, during her undergraduate studies at Harvard, Dina chose to major in English and American Literature and Language, with a minor in French. “The beauty of a liberal arts education is that it encourages you to become interested in many different subjects and that has carried through my legal career,” she explained.
After college she returned to Canada and began law school at the University of Toronto. The summer after her first year she wrote for a local newspaper in New Brunswick. During that time the New Brunswick government was overhauling their access to information law. Dina was put in charge of the paper’s information requests, which began her interest in privacy.
Upon completion of law school Dina articled at a large firm, which was her first exposure to corporate law. She explained that her experience, “taught me a lot about the business of law, how to engage with clients, and soft skills that they don’t necessarily teach you in law school.”
A growing interest in privacy law
Dina had a nascent interest in privacy law and wanted to pursue it further. She began working as a privacy researcher in Toronto, which enabled her to develop a broad knowledge base in the field. She was able to gain exposure to privacy laws in Canada, the United States, the European Union, and the Asia Pacific region. She also earned two privacy certifications from the International Association of Privacy Professionals in Canadian and American privacy law.
After working at the research company Dina realized that although she enjoyed it, she missed the pace and client interaction that she had in a law firm environment. She then transitioned into private practice and spent two years at two different law firms focusing on insurance litigation and privacy law.
When she joined the first firm privacy was still just a small part of their business, but it grew after Canada passed an anti-spam law and regulation increased worldwide. “I told the partners that hired me that privacy was an interesting and developing area of law and on the brink of becoming big business. The firm was very receptive, and I built up that practice area doing privacy work for institutional insurance companies, in addition to running a busy litigation practice,” said Dina. By the time she left private practice to work as a consultant, privacy work made up about 50 percent of her workload.
Next Dina joined a Big 4 accounting firm to manage a privacy and cyber security group. She worked exclusively in privacy, data governance, and data security and was the only lawyer on her team of accountants and risk management consultants.
Finding a balance between creativity and the practice of law
“One day it dawned on me that even though I was really enjoying my work, and I was interested in privacy and building my expertise, I felt like there was something missing,” said Dina. “I felt like I had lost touch with my creative side.”
After much reflection, Dina decided to take a pause to consider her life and career. She took a year to focus on her interests outside of law. She began work on a novel, a fictionalized version of her parents’ early years when they moved to her father’s native Ghana in the late 1960's shortly after the nation’s independence, a story she’s always wanted to write. She also developed a meditation practice and focused on running.
When she was ready to return to her legal practice, she learned about Axiom from a friend from law school and joined the company in February of 2018. She was especially intrigued because Axiom has a client base that includes both Fortune 500 companies and growing startups.
The Axiom model, Dina found, was a great fit for her as someone who wanted to balance her professional and creative ambitions. “Axiom makes you feel like you won the lottery between work/life balance and career choice,” she explained.
She also found that Axiom’s community has been a huge asset to her career. “I feel like I’m very supported,” she said. “Axiom has gone above and beyond in putting me out there in terms of making sure I have opportunities to present, to nominate me for an award, or connect me to really interesting clients. It makes me feel like my efforts are being recognized and appreciated and that Axiom really cares about professional development and their lawyers’ well-being.”
She has found that working for Axiom has been a, “refreshing way to do business and I think that is why lawyers are attracted – you get exposure to really good client work, but you don’t feel like you are lost in the shuffle. I feel Axiom really pays attention to and meets lawyers’ needs.”
Preparing for the future of privacy regulation
Dina joined Axiom just months before the European Union’s General Data Protection Act (GDPR) went into effect and since then she remarks, “There’s been no shortage of really interesting privacy issues.”
Her first two engagements focused on GDPR compliance including policies, technological safeguards, user consent, and data collection. She worked for two very different companies: a social media company that was about six years old and a large accounting firm with offices all over the world. The social media company had millions of users, many of whom were under 16 years old and merited special consideration under GDPR. For this client Dina had to think about how to “build a compliance program for a service where users build their own profile and share the information. I made sure the company was doing their due diligence to ensure the best and safest environment for their clientele.”
For the accounting firm she developed a full-scale compliance program for the confidential information and financial and health data that the company was processing. For GDPR Dina noted that “There are certain issues that are universal, and others that are more relevant depending on the business.”
Dina reminds companies that while privacy regulations can be daunting, working compliance into their business practices is crucial, “Privacy compliance is always evolving – but the key is to get started and tackle the most pressing issues first.”
Her third engagement was a pharmaceutical company in need of a data governance program that considered all the ways that client data could be used and gave customers the chance to consent to the analytical use of their data. According to Dina, they needed a privacy program that was, “not only robust enough to comply with the law, but one that also instills trust in the consumer.” She feels that it’s “really important for companies to consider the ethical implications of their data use - it may be even more important than the legal implications.”
Overall, Dina feels that “a privacy program doesn’t work if a company doesn’t consider all aspects of the business” and that effective attorneys must give advice that takes into account the broader business context. She finds that the Axiom clients she works for are “constantly innovating and improving the services they offer to their clients and are being very proactive about going about it in a privacy conscious way.”
No day is the same for a privacy attorney and Dina remarks that her days vary greatly, “You can have a day where you spend the day drafting policies, reviewing contracts, and answering phone calls, or you can spend your day coaching a client through a privacy breach. Not matter what the day throws at you, your goal is always to help the client navigate these difficult issues in a compliant, ethical, and practical way.”
Dina thinks that privacy will continue to grow and be a “hot button issue,” especially as individual states such as California and Nevada pass privacy legislation and the legal landscape continues to change. She also views cross border data transfer as a growing issue, especially as jurisdictions like Canada are looking to pass more stringent legislation about how consumers are notified about their data being transferred. “These policies are giving individuals more rights and control over their own data but will also impact businesses. Companies will really have to look at the data that they transfer and what circumstances will arise that will need express consent.”
Moving forward, Dina reminds companies that privacy will shift how they operate because a privacy program is never stagnant. “I think companies have realized it’s not sufficient to have a privacy policy on their website that’s updated every 10 years. Instead you must monitor changes in the law, listen to peers about what’s working and what’s not, and constantly revisit your policies, training, procedures, implementation, and auditing. Companies need to be constantly iterating. If they don’t grow with changes in privacy legislation they will be left behind or find themselves in the headlines for all the wrong reasons.”
To help your company take a proactive approach to privacy legislation and work with experienced privacy attorneys like Dina, or to join Dina as a colleague, get in touch with us at Axiom.
Posted by
Axiom Law
Related Content
Adapting to the EU AI Act: Four Key Takeaways for General Counsels
Understand current challenges and practical strategies for data privacy and cybersecurity compliance based on the recently passed EU AI Act.
IAPP UK Data Protection Intensive 2024 Highlights: Dive into AI, Data Privacy, & Cybersecurity
Read the recap of the IAPP UK Data Protection Intensive 2024 and explore the latest trends and developments in AI, data privacy, and cybersecurity.
Implementing Legal Operations: Balancing Budgets, Burnout, and Technology
Explore a comprehensive view of how legal departments are navigating today's economy through budgeting, resourcing, and technology within in-house teams.