Selected as one of Global Data Review’s “40 under 40”

GDR: Brazil to make credit score registration automatic - VMCA

In its infinite wisdom, the Global Data Review recently selected me for their “40 under 40” publication. With 40 under 40, GDR profiles
“individuals under the age of 40, hailing from around the world, who represent the best of the upcoming generation of data lawyers”, according to the award report.

As with all of these sort of publications and awards in the legal profession, your firm tries hard to get you on the list. So the selection is not entirely coincidental, and candidates that enjoy the support of their respective employers obviously have an edge (thanks, De Brauw). Still, it’s nice to browse the list of laureates and read their interviews, especially if you’re looking for a particular skill or help in a jurisdiction you’re not directly familiar with. My interview is copied below.

40 under 40 2021

What do you do?

As a litigator and advisor, I work on landmark data and technology class actions and investigations by regulators, cutting-edge data and technology projects, and cybersecurity incidents. As a researcher and writer, I publish in academic journals and have a monthly column in the Dutch Financial Times on the law and politics of our data age.

Why data?

It must have been the World Cup of 2006, when a friend used his brand new smartphone to secretly snap a quite embarrassing photo of me being quite displeased with the Dutch football team, dressed as an Orange. He immediately posted the personal data to the emerging social network Hyves and comments flowed in within seconds. It was there and then I realised that data protection would become my profession.

What’s keeping you busy?

At De Brauw, we’re assisting clients in proceedings that will shape the data protection field for years to come. Central themes include machine learning, profiling, adtech, balancing data portability and privacy, but also crucial debates around the admissibility of litigation funders as stakeholders in data mass claims.

What mentors or other influential figures have helped you get where you are today?

Discussing the state of the world and my place in it with Professor Victor Halberstadt is always a huge inspiration. Professor Joris van Hoboken challenged me to think deeper and harder about vexing legal and public policy questions. And of course Geert Potjewijd, seasoned partner in our firm, co-head of our data practice and strategic litigator par excellence.

If you could change one data-related law, how and why would you change it?

The Dutch government recently proposed a legislative monstrosity called the WGS, which basically allows public and private organisations to form ad hoc organisations that facilitate massive data sharing for fraud and crime prevention purposes, without any meaningful privacy safeguards or oversight. It’s a blatant affront to human dignity.

How has covid-19 affected what you do?

Professionally, I’m fortunate enough to say: not much really, apart from the clichés. We’re busier than ever. I feel very sorry for the youngsters starting a professional career (or studies, for that matter), in these lonely and challenging times, and wonder if we’re supporting them sufficiently.

What’s the next big thing – what data opportunities are companies now looking at?

Machine learning, of course, but the very best in class are investing in homomorphic encryption. This technology will, one day, allow advanced analytics on fully encrypted datasets, enabling commerce while preserving privacy.

What’s keeping companies worried at the moment – what are some key data risks?

Data mass claims, hands down. Companies are waking up to the reality that many privacy laws around the world, notably the GDPR, are paving the way for collective actions that bundle relatively small damage claims with millions of claimants, potentially resulting in multi-billion euro claims against a single company.

What do you do to relax?

Yesterday, I danced to Shostakovich’s Jazz Suite with my three daughters, created a deep fake to rickroll friends and colleagues, and watched the greatest movie about data protection of all time (The Big Lebowski).