Patrick Burke and I have been speaking together about privacy and data protection since back in the days when US corporations and lawyers saw these subjects merely as irritations. Patrick is now eDiscovery Counsel at Seyfarth Shaw and things have changed, as I discovered when I interviewed him at Relativity Fest recently.
For one thing, the focus is not just eDiscovery any more – that may remain a primary driver for addressing privacy and data protection concerns, but it is no longer the only one. Patrick Burke is now spending more of his time on policy and on helping corporate clients be ready for the impact of the General Data Protection Regulation.
The turning point, he said, came at the beginning of 2016 when May 2018 was set as the date for the implementation of the GDPR, and the Privacy Shield replaced Safe Harbour. The subject, Patrick says, is “totally on the radar of most of his clients” and many of them (not just the big ones) are working on privacy-related projects. They are willing, he said, to “spend money to fix things and change things”.
I asked him if the prospective penalties were the main driver here or whether it was the desire to “do the right thing”. Patrick’s answer was forthright – it is the desire to “keep doing business”.