GDR 100 Elite interviews: Covington & Burling's Lindsey Tonsager
February 18, 2022, Global Data Review
Lindsey Tonsager was interviewed by
Global Data Review in the first of a series of GDR 100 Elite interviews about the FTC’s rulemaking process and how cross-border data transfers are the most pressing issue facing companies today.
Lindsey highlighted the pace at which new privacy laws and regulations are being enacted as the biggest change in cyber law since she started. "One thing that hasn't changed," she added, "is that there are these common baseline principles that you'll see again and again, across the various privacy laws – things like being transparent about how you're processing information, how you're using it, providing consumers choices over how their information is used, or otherwise having a legal basis and the like."
When asked if there is anything emerging within the areas of advertising, AI, or children's privacy, Lindsey responded, "For artificial intelligence, I think the biggest thing folks are watching is how harmonized the international frameworks end up being, versus how fragmented regulators are and their approach."
She elaborated on children's privacy, as well, identifying a big area to watch being "potential differences between what's happening in Europe around children's privacy, like with the UK's Age Appropriate Design Code and other children's privacy principles, compared to what companies must do under the [US] Children's Online Privacy Protection Act."
"There's always questions about whether or not the law can keep up with technological change," Lindsey responded when asked about regulations ability to keep up with changes accelerated by the pandemic. "In my experience, generally speaking, our laws on the books are pretty flexible." She opined, "Where we tend to get into trouble in terms of inconsistent requirements across different jurisdictions, is when the law tries to get too prescriptive for a particular technology. And that's not to say that new technology shouldn't be regulated. I think it's just really important to look at: ‘Where does our existing law provide sufficient coverage, and is there a delta because of this particular technology that we need to look at additional regulation?’"
Lindsey concluded by stressing cross-border transfers as the area of data privacy law and regulation in the most urgent need of clarification. She explained, "Businesses operate on a global basis, and it's not very efficient to silo data based on borders, as opposed to where your customers and workers are around the world. So I think solving the question of what companies need to do post-Schrems and the invalidation of the Privacy Shield is the most pressing question facing companies today."
Click here to read the full article.
Back
