Careers
Created with

The tech revolution through the eyes of a data privacy lawyer

By on

Ahead of this evening’s ‘Secrets to Success’ event in Manchester, Pinsent Masons senior associate Rif Kapadi reflects on the far-reaching implications of GDPR

Rif Kapadi

Data has the potential to revolutionise the way clients and lawyers work. Clients are already looking for tech solutions in relation to legal service delivery to maximise efficiency and hit deadlines. It is a question that often arises at client pitches.

Equally, just as Netflix and Amazon utilise user data to offer customers a personalised streaming or shopping experience, law firms, too, could in theory use data to identify and cater to some of their clients’ needs. Yet, according to Rif Kapadi, a senior associate in Pinsent Masons’ privacy, technology and commercial team, it may be a while before the legal profession, known and trusted for being typically risk averse, gets fully on board with this type of retail approach to servicing clients. He tells us:

“It’s just about getting that balance between what’s technologically and legally possible and then what clients are ready for — and I’m not sure if they’re ready for that just yet.”

Although tech is here to stay for law firms and their clients, caution around privacy is proving to be constant for the tech revolution. Not only do clients seek legal advice on privacy and tech issues, but they are also increasingly seeking assurances that their own data and information is robustly protected, says the University of Leicester law grad.

As law firms increasingly shift away from paper-based filing systems, they become a wealth of electronically-stored, sensitive information. As a result, firms, like any other business have to become more diligent in protecting themselves against cyber-incidents to ensure data doesn’t fall into the wrong hands. “It’s fair to say, data is a top five concern for nearly every boardroom,” Kapadi explains.

Kapadi reflects on the Cambridge Analytica scandal which used the Facebook data of tens of millions of people for political advertising purposes. Following reports of its illicit data-sharing tactics last year, the British political consultancy firm filed for insolvency. For Kapadi, the privacy scandal demonstrates that “a client can get into trouble, destroy a hard-earned reputation and even go bust very quickly” if they misuse data.

Legal measures have been invoked to bring personal data laws into the twenty first century. Standing out is the General Data Protection Regulation (GDPR), said to be the largest shake-up to data privacy in two decades. A framework designed for the modern digital age, the European privacy law established clear guidelines aiming to harmonise on how data is collected, stored and ultimately regulated.

The application deadline for Pinsent Masons' Training Contract 2021 (England and Scotland) is on Friday 19 July 2019

Although, following its implementation last year, the GDPR has put businesses on edge (especially in light of the hefty fines and stop order which can be imposed if breaches occur), Kapadi believes its arrival has changed the market place for the better. Requiring greater transparency in how data is processed assists to curtail the chances of privacy-invasive tactics being employed — and the new individual rights empower consumers in the process. So, when Kapadi, who practises in Pinsent Masons’ Manchester office, is advising retailers on whether data sourced from in-store tracking is collected fairly; or negotiating with financial services providers on the storage of customer data in a cloud environment; or even acting on disputes that ensue from misusing or losing data, it’s GDPR and reputational impact that clients are very concerned about.

The life of a privacy and commercial lawyer is not without its pressures. According to Article 33 of the GDPR, data security breaches must be reported within a tight time frame of 72 hours after first being discovered — at which point, Kapadi says, “it’s all hands-on deck” to investigate the extent of any damage and put in place mitigation steps.

That said, West-Yorkshire born Kapadi admits to enjoying the challenge: “One of the reasons I love being a privacy lawyer is the problem solving aspect of the job.” It was critical thinking, detailed analysis and persuasive reasoning that first attracted Kapadi to legal practice away from some more commonly tread family paths, such as medicine and independent business. Just as important as problem solving, however, is empathy. Kapadi explains:

“One question I often find myself asking is: ‘How I would react if this was my own right to privacy, my data, or the data of my son or daughter?’ So, on the one hand, I’m considering legal problems — drafting contracts, interpreting legislation and, on the other, raising ethical questions and considering a project from a human rights impact and consumer perspective.”

So, what does this mean for lawyers of the future? Being tech-savvy and fluent in code is great and can be a great “in” or “sell” that will impress recruiters and clients alike (as is any other wider area of non-law expertise), but successful candidates will need also to be conscious of the risks and opportunities that riding the tech wave brings.

The application deadline for Pinsent Masons' Training Contract 2021 (England and Scotland) is on Friday 19 July 2019

Rif Kapadi will be speaking alongside lawyers from Bryan Cave Leighton Paisner (BCLP) and Freshfields at tonight’s ‘Secrets to Success’ event, at The University of Law in Manchester. You can apply for one of the final few places to attend the event, which is free, now.

About Legal Cheek Careers posts.

Related Stories