TOTAL: {[ getCartTotalCost() | currencyFilter ]} Update cart for total shopping_basket Checkout

The Privacy Advisor | FTC, DOJ on the Resume? You're in Demand Related reading: Cam Kerry's Move to the Other Side of the Table

rss_feed
iapp-privacycore
PrivacyTraining_ad300x250.Promo1-01
Webcon_PA_300x250_ad_November_Bloomberg_2017_121317

You’ve read the headlines. The retailer got breached. The FTC settled with the app maker. The customers are filing a class-action against their service provider over its alleged deceptive policies. It’s an uncertain time for brands that want to innovate and, simultaneously, manage a sterling reputation and avoid legal woes. Given that reality, one can imagine the appeal privacy pros Janis Kestenbaum and Nancy Libin have as lawyers for hire these days—with their insights stemming from such unique positions as legal advisor to FTC Chairwoman Edith Ramirez and chief privacy officer at the Department of Justice, respectively.

Both have recently moved from their posts in government back to their early roots in private practice. But they take with them a wealth of knowledge of the inner-workings of governmental regulatory bodies, and as Cam Kerry recently told The Privacy Advisor after moving from the Commerce Department to private practice, that’s an asset clients appreciate: You’ve sat on the regulators' side? Tell me how to keep them and my customers happy.

Janis Kestenbaum

Janis Kestenbaum

Kestenbaum spent her early days at the Department of Justice (DOJ) in its honors program defending the constitutionality of a broad range of statutes when claims of unconstitutionality were brought. She later landed at the FTC’s Bureau of Consumer Protection working on fraudulent marketing practices, before eventually settling in as Ramirez’s legal advisor.

She calls the latter gig a “great stroke of luck for me, because I got to be the principle privacy advisor. So my job was to advise her and to work with others to help bring to fruition her agenda.” She said she feels proud to have been part of Ramirez’s tenure because of the “real reinvigoration of the FTC’s privacy work both on the enforcement side and on the policy side.”

Now, with her recent move to private practice at Perkins Coie, she’s able to use the insight she gained at the FTC to help technology companies navigate the regulatory world.

“It’s been exciting to be part of the privacy by design process to help companies as they seek to meet their business objectives in a way that respects their legal obligations and also engenders consumer trust,” she said. “It’s been fun for me to use what I learned at the FTC to do that.”

Companies are relieved to hear from the horse’s mouth, she said, that while the FTC is tough, it’s also fair and reasonable.

“The people over there are smart,” she said. “They aren’t looking to play gotcha, they aren’t looking for technical violations. They’re looking for violations that really do have an impact on consumer welfare. I think hearing that is really reassuring to companies.”

Libin tells a similar story.

She started her career litigating at a large DC firm, eventually moving to the Center for Democracy and Technology to work on Internet privacy issues and public policy. Later, she became then-Sen. Joe Biden’s counsel on the Senate Judiciary Committee, working for him on electronic surveillance and national security issues, before landing a gig at the DOJ as its chief privacy officer.

She recalls her time in government, particularly under Electronic Communications Privacy Act reform champion Biden, as a pretty cool time to be working on surveillance. Politics were at play big time, she says. Technology advances had the intelligence community asking for expanded authority, something Biden eventually voted against.

Nancy Libin

Nancy Libin

She’s now moved to DC-firm Wilkinson Barker Knauer where, instead of regulating the companies, she’s helping them regulate themselves.

“One thing I really hadn’t done yet was to work on these issues closely with the companies that were making the technology that everyone was using and that DOJ was getting concerned about,” she said. “For me, this has been a wonderful opportunity to learn more about the business side, the corporate concerns, and also to consider these issues in the context of businesses that are trying to innovate and grow and also really want to do the right thing.”

There’s so much gray area in privacy law she said, and so much worry about where the law is going. She sees companies starting to get “really serious about privacy and data security, and that’s encouraging.” And she sees that happening increasingly in the public sector as well, though it wasn’t always that way.

“When I was in government, chief privacy officers in agencies were not the norm,” she said, adding that senior officials at federal agencies were more concerned with internal compliance than policy. “I think privacy policy is something every agency ought to think more about. That’s one of my takeaways from my time in government.”

That’s partly because of the “incredible amount of personal information that federal government agencies collect” and the way technology has evolved since The Privacy Act of 1974. Policies should be uniform across the governmental board, she said.

“There needs to be renewed focus to reflect the changes in technology,” said Libin of federal agencies. “That remains to be seen, agencies’ focus on those issues."

For now, Libin and Kestenbaum are making sure the companies they advise keep their focus on the right things, so their former agencies don't have to.

1 Comment

If you want to comment on this post, you need to login.

  • comment Michael • Jan 19, 2015
    This is a fluff piece enabling a regulatory body to coordinate with big law firms to circumvent due process. It is sublime in the perverse pleasure some get in attacking breached entities as bad and "having it coming". The FTC is outrageously unreasonable and stacks the deck against private business and health care. In the final analysis, the smugness of those that enjoy this for a living will not result in effective protection of business, patients or consumers. The FTC, in court, in my case, FTC vs LabMD, said to Judge Chappell, "There is nothing out there for a company to look to."  Shame on any lawyer who thinks that is a fine foundation for a regulator to stand on. If the FTC takes privacy so seriously they better get serious about communicating to the world. Sadly, they are too busy building an echo chamber of self-congratulation and public relations.