With a growing regulatory compliance landscape and subsequent organizational obligations, privacy lawyers must serve as translators to help companies keep up. Troutman Pepper Locke Partner David Navetta said his technological background has been a crucial skill when helping organizations navigate complex web of digital matters.
"I sit between a lot of very different people with different viewpoints who sometimes speak different languages effectively, and I try to make it all work for them, whether it be a privacy issue or a data breach," Navetta said.
Navetta joined Troutman Pepper Locke in February, though his extensive background in privacy litigation began in 2002. He was able to combine his existing law career with his interest in technology and privacy.
Navetta began when privacy was a smaller, less robust field. Now it feels as though privacy, security and artificial intelligence concerns "just sort of seep into all the cracks everywhere," he said. "I feel fortunate to have caught the wave when it was smaller, and now it's almost a tsunami."
The role at Troutman is the latest step in a privacy career focused organizational compliance.
Navetta was a founding partner of InfoLawGroup, a law firm dedicated to advising companies on complex data security, technology and advertising issues. Before Troutman, he served as a partner at Cooley, where he was recognized by Cybersecurity Docket as a top data breach response lawyer in its annual Incident Response 50 list.
Working in various aspects of privacy law and compliance has allowed Navetta to gain a well-rounded approach to guiding clients through a range of regulatory entanglements. "Not only do you have to know all the things that are changing constantly out in the world, substantively, you have to be able to do a lot of different things from a skill set," Navetta said.
"Handling a litigation matter or data breach is very different than providing strategic advice on some sort of privacy compliance issue," he added. "So, it makes you very well-versed in the area, because you end up seeing the problem from different vantage points and angles, and each of them sort of reinforces the other areas that you practice in."
Navetta's comprehensive legal strategies align with Troutman's "360 model," which aims to use innovative solutions when advising organizations. The model works to ensure sure clients "are well versed in what happens when everything goes wrong in the back end" to avoid legal challenges while allowing companies to grow.
The advancement of AI technology has created unique growth opportunities for organizations. Amid the race to implementation, Navetta noted companies training AI algorithms must carefully comply with data consent obligations to avoid enforcement or data protection concerns.
"The value of data and personal information in particular has become so strong and high that you know to not get this right, the stakes are much higher," Navetta said. "It's not just a regulatory action that you have to face or litigation. It's, 'Hey, can we actually do the business that we would like to do? Do we have to kind of go back and try to get everything fixed?"
To address these challenges, companies are looking to take a more proactive risk-based approach to assess data protection concerns. Navetta said increased regulation, domestically and globally, covering the wide spectrum of overlapping digital fields will require more legal experts.
"There's going to be a realization that these laws are really table stakes when it comes to the data economy. And so, I think there's just going to be more effort needed, and more lawyers and skills employed in this space," Navetta said.
With the privacy community in particular, Navetta said there should be an aim "to build itself up more," through hybrid roles, combining technology and sector-specific skills with legal knowledge. "The more that people can have diverse backgrounds and skill sets that pull from all those areas, the more successful they'll be," he said.
Lexie White is a staff writer for the IAPP.
