The Chair’s Column, July 2025
By Two recent personal events had me thinking lately about the tension between innovation and individual rights, and the risk decisions we make to find a happy medium. The first event was the purchase of a car, necessitated by someone rear-ending my 2004 Honda. Being from Cleveland, it is logical to me to drive a vehicle into the ground, and I was perfectly happy with my ride. (So were the mice in our garage, but that is another story. I will say, however, that Irish Spring soap does work.) Although my kids derided me about the low tech, I didn’t realize what I was missing until I started driving the new car – a previously owned 2019 model with a more fulsome tech package. I had a fleeting thought about vetting the apps before connecting my personal devices, but with the promise of life-changing results, I forged ahead and am happily enjoying the benefits. An easy risk decision. The second event was our power going out as a result of a recent storm. Our power did not just go out for a few hours like our neighbors. Instead, when the electric company fixed the problem, the power surge killed our aging breakers, and we were without power – for over . . . twenty . . . four . . . hours. (Ellipses for dramatic effect. It actually wasn’t so bad.) I learned, however, that a high-end smart breaker panel may have given us some warning, and at the very least saved me from a bad hair day. But smart devices mean sharing information. And again, there’s that tension.
Privacy and data security often is a battle between innovation and convenience on the one hand, and individual rights on the other. As privacy lawyers, we’re constantly assessing whether the risk is worth the benefit. That often is not an easy task, because many privacy laws are new, and the technology and threats are constantly evolving. What makes practicing in this field exciting – watching an evolving field and having the sense of shaping something – is also a source of frustration. There is a lot of gray area, and that makes our jobs even harder.
These realities make collaboration and good resources important. Being able to benchmark with colleagues about whether a risk assessment is in fact required for that automated decision or finding a solid blog post that summarizes the latest decisions on pixels can make us better lawyers and make our practices more enjoyable. The NCBA Privacy & Data Security Section’s objective is to provide these opportunities for our members. Each year, we hold a day-long CLE covering developments in privacy and data security along with practical advice from some of the top practitioners in the state. This year, our CLE will be on Friday, October 24. In addition to providing an overview of recent regulatory developments, we’ll be diving deeper into privacy and data security in the financial services and health care fields. And, with an eye towards the practical, we’ll have an hour-long session devoted to contracting issues related to data privacy (including drafting data protection agreements) and a session on practical privacy tech. We’ll finish with an ethics session on the attorney-client privilege in dual-purpose communications. Mark your calendars now and watch out for an invite with registration details.
We’ll also continue our virtual fireside chats – more informal than a CLE but just as informative – covering important issues in the practice of privacy and data security law. And don’t forget about the NCBA PDS listserv. It is a great way to interact with your PDS colleagues.
If you’re looking for more interaction, join one of our committees. A list of committees is available and you can sign up online. You can also give back to the community by volunteering through the Opt-Inspire program. Developed by Alex Rogers, the Opt-Inspire program pairs volunteers with nursing homes to educate residents on identity theft threats and prevention. The sign-up for Opt-Inspire is available online.
Stay tuned throughout this year for more resources and (fingers crossed) a section LinkedIn page. And if you want to get involved, or just complain about the latest amendments to the CCPA regulations, reach out. Definitely a low-risk, high-reward choice.
Karin McGinnis serves as the 2025-2026 chair of the Privacy & Data Security Section.