A data protection powerhouse, Jade has worked on internet public policy and digital economy issues for over 15 years, and has focused experience on global privacy frameworks.
Next month, Jade will be appearing exclusively at PrivSec World Forum to discuss how data protection teams and security teams can work together more effectively. The talk comes at a time when professionals from both disciplines find themselves increasingly called upon to solve some of tech’s toughest challenges.
Jade’s session sits within a two-day agenda of content-rich insight and guidance at PrivSec World Forum, taking place on June 7 and 8 at the Park Plaza, Westminister Bridge, London.
Sponsored by OneTrust, PrivSec World Forum is part of the Digital Trust Europe Series. The event brings together thought leaders and subject matter experts for an exploration of the issues defining the data protection, privacy and security sphere of today.
We spoke with Jade about her professional journey to date, and to learn more about how senior figures in data protection and security can bridge gaps to help safeguard consumers.
Could you outline your career pathway so far?
My career in privacy and security really kicked off when I was at the State Department in Washington. I had been interested in privacy and security while I was still in law school, particularly in light of the AOL data leak.
When I joined the State Department as a Presidential Management Fellow, I worked in the office of communications and information policy, and I covered privacy and cybersecurity discussions at the Organisation for Economic Cooperation and Development (OECD) and other fora.
After that, I moved to the National Telecommunications and Information Administration in the US Department of Commerce as they were working on a number of privacy initiatives. I also advised on international cross-border data flow issues and other Internet policy issues, including Internet Governance and cybersecurity.
In late 2014, I moved to London and got more hands-on GDPR compliance experience as a consultant at Promontory, an IBM company. Then I moved to the GSMA, a trade association representing the mobile industry, where I worked on a range of topics including privacy, security, and data for good.
Moving to TikTok gave me the opportunity to look at these issues from another perspective, and to work with a diverse group of cross-functional stakeholders. It’s been amazing to work with such a dedicated team across a range of disciplines, including privacy and security.
What’s holding data protection and security professionals back when it comes to collaborating effectively?
At the high level, I think the way privacy teams and security teams think about risk assessments can be different. In a European context, if you’re thinking about privacy risks, you’re thinking about upholding the rights and principles enshrined in the GDPR. You’re not just thinking about risks to confidentiality, integrity and availability. Obviously, in practice this is more complicated, but as regulation develops, I think the types of risks organisations should consider will continue to grow, and it will be important to have relevant stakeholders at the table to work together.
What are the primary lessons that an organisation’s data protection and security professionals can learn from one another?
I think it’s useful for privacy and data protection professionals to talk about trends in their respective fields, so that they’re aware of the direction of travel before a new regulation comes into force.
For example, if security professionals need to implement certain technical requirements because of European regulatory guidance, it’s better for them to know as early as possible.
Also, I think privacy and security teams can share information about how they present information to non-privacy and security professionals in their organisations. Sometimes both cybersecurity and privacy can seem dense or confusing, so it might be difficult to figure out the best way to ‘pitch’ these issues to others internally. I think sharing lessons learned could be really helpful.
What solutions do evolving technologies offer for data protection and security professionals in their bid to work together more efficiently?
I’m personally really excited about privacy enhancing technologies – basically technologies that minimise or anonymise personal data so that the data can be utilised whilst minimising privacy risks.
Across the industry, as organisations implement privacy enhancing technologies, like differential privacy, homomorphic encryption, and multi-party computation, this will likely involve a range of teams, including privacy and security. Hopefully these tools will not only increase privacy and security protections for individuals, but they’ll help privacy and security teams work more efficiently by minimising risks.
→ Session time: 10:00-10:30 BST
→ Date: Wednesday June 7, 2022
→ Venue: Park Plaza Westminster Bridge, London
PrivSec World Forum is also available on-demand for global viewing