In July of 2021, three different technology businesses were ordered to pay a total of $3 million in civil fines for infringing upon the data privacy rights of children through the use of the colouring book app known as ReColor.
According to the allegations, the companies KuuHuub Inc., Kuu Huub Oy, and Recolor Oy violated both the Federal Trade Commission Act and the Children’s Online Privacy Protection Act of 1998 by collecting personally identifiable information from children under the age of 13 without first obtaining the consent of those children’s parents (COPPA).
They were also compelled to remove any and all information that they had gathered from the minors, ensure that any data that had been sent to third parties was deleted, and reimburse any payments that had been made by underage subscribers.
Amazon was issued a punishment totaling €746 million ($887 million) in July of last year for engaging in targeted advertising activities that were found to be in violation of the General Data Protection Regulation of the European Union (EU) (GDPR).
In the modern digital age, where data transfers and transactions frequently take place across international and intercontinental boundaries, it is essential for businesses to ensure that they are in compliance with data privacy rules at the state, federal, and even international levels.
Individuals, who are almost always the focus of data collection and processing, also have a responsibility to educate themselves on the data privacy rights that are theirs.
Here’s when lawyers that specialise in privacy come in handy. This article offers a summary of who a privacy lawyer is, what a privacy lawyer does, and how someone might begin a career in the field of privacy law.
An Explanation of the Privacy Laws
The most frequent definition of privacy law is “the collection of laws that pertain to the acquisition, storage, and use of personal information.” Privacy law is a broad and generic subject of law that covers a wide range of topics. We have all, at some time in our lives, divulged private information to either public or private organisations, and it’s possible that we do it on a regular basis.
This is something that we do when we submit an application for a driver’s licence, when we buy something online with a credit card, when we sign up to watch our favourite shows on a streaming app, when we consult a doctor in a physical or virtual space, when we post about our most recent travel adventures on social media, and in a variety of other situations.
On the other hand, this does not mean that these commercial or public organisations are free to do anything they like with the information that has been provided to them.
Privacy rules provide specific restrictions on what both public and private organisations are allowed to do with the information they collect. The laws also impose standards in order to ensure that the data is stored and processed securely, in order to uphold each individual data subject’s right to privacy.
Privacy laws are enforced on both the state and federal levels. For cross-border transactions, a foreign jurisdiction’s data privacy laws may also be applied, even to U.S. entities, such as in the case of Amazon in the European Union.
What Does a Privacy Lawyer Do?
In a nutshell, privacy lawyers specialise in general and specific areas of privacy law. There are different ways to categorise privacy lawyers. With regards to the general areas of practise, they may be involved in either compliance, litigation, or both.
Data Privacy Lawyer: Compliance
An information privacy lawyer may either work for a law firm or in-house in order to help ensure compliance with privacy laws. They are usually responsible for creating information security policies, protocols, and processes, while ensuring compliance with state and federal privacy laws, as well as foreign jurisdictions’ and international privacy laws, if necessary.
Privacy Law Attorney: Litigation
When companies or government entities sue or get sued for breaches of privacy law, that’s when litigation attorneys come in. In the event of a data breach, for instance, the litigation attorney may advise their client on how to deal with the legal repercussions, especially when they end up being sued in court. They may also be responsible for representing their client in cross-border litigation.
What Subject Areas Should Be in the Privacy Lawyer’s Portfolio?
Privacy law encompasses various laws on the state, federal, and global levels. That’s why a privacy lawyer should ideally be knowledgeable on various areas involving the right to privacy. This includes:
Privacy Torts \sFair Information Practices and Principles
- Health Information \sInternational Frameworks
- Financial Information
- FTC Enforcement \sLaw Enforcement (4th Amendment and Electronic Communications Privacy Act) (4th Amendment and Electronic Communications Privacy Act)
- Government Records (FOIA and Privacy Act of 1974) (FOIA and Privacy Act of 1974)
- National Security
- Big Data \sMarketing and Behavioral Advertising
- Social Networking
- Children’s Privacy \sState Attorneys General Enforcement
- Information Security
- Data Breach Notification
- Workplace Privacy \sGenetic Information
- GDPR and EU-U.S. Privacy Shield framework
- Practical Obscurity and Court Records
Although it is not necessary to be an expert in all these areas, one can build a better career as a privacy lawyer with a wider area of expertise. Even general practitioners can benefit from some level of familiarity with privacy laws. That is because at one point or another, anyone dealing in any industry will inevitably have to face privacy and data security issues, whether they’re in health care, media and communications, education, technology, retail, agriculture, services, and even nonprofits and charities.
How to Become a Privacy Lawyer?
Aspiring lawyers still in law school will definitely benefit from taking tech-related courses as early as possible. Some of the most lucrative areas of privacy law involve cybersecurity and technology law. It would also be great to explore internships while still in law school.
For those who are already practising lawyers who wish to make a career shift into privacy law, they can still take postgraduate courses or fellowships. This will open up more opportunities to apply to firms that specialise in privacy law or to government agencies that need privacy compliance lawyers.
There are various career tracks to explore in privacy law, so there isn’t a one-size-fits-all approach to starting a career in this field. Many privacy lawyers, however, start getting hands-on training by working in a law firm. As the field is constantly evolving, there is always room for growth and new opportunities.
Conclusions and Final Thoughts
Information is the new currency of this digital age. Compliance with privacy law not only shields businesses and government entities from having to pay huge fines or spend on costly litigation; it also protects individuals from privacy breaches that may compromise their personal records and financial or health privacy. Besides, an ethical business must always ensure that they respect their customers’ and users’ rights to privacy and confidentiality. Thus, privacy lawyers also play a pivotal role in upholding the integrity of their clients’ business operations.