TechBytes with Amy Yeung, General Counsel and Chief Privacy Officer at Lotame

TechBytes with Amy Yeung, General Counsel & Chief Privacy Officer at Lotame
TechBytes with Amy Yeung, General Counsel & Chief Privacy Officer at Lotame

Hi Amy. Tell us about your journey into data privacy.

My data privacy “dive into the deep end” started with ZeniMax, a domestic game publisher. They set their sights on becoming a global gaming publisher with a global software platform footprint. Today, we’d call that SaaS, but at the time, the concept was radical and, paired with the competitiveness of the industry and the breadth, it was an ambitious project.

We quickly realized to accomplish these goals, we’d need to figure out how to move a lot of information essential to creating a top-rate user experience very quickly from all parts of the globe. I took on the SME role for data privacy for both the product and enterprise side of the business.

And, how did you land at Lotame? What inspired you to take up a role in a data management company with your background previously managing vastly different portfolios in legal and compliance?

Several factors played a role in my decision to join Lotame. Throughout my career, I’ve joined companies at some critical pivot points, whether it’s accelerated growth or as a turnaround and all have been in a space that has been rapidly evolving: Software, Technology, Big Data, and Analytics.

Lotame operates in the fastest moving space of MarTech, where the foundation keeps shifting rapidly. And yet, Lotame has stayed the course and grown over its 13-year history. As the industry now tackles privacy and compliance, Lotame has this incredible opportunity to lead that conversation through its “do the right thing” DNA and deep experience in GDPR and CCPA. This is where I can add value in navigating the unknowns — and there are a lot — as well as anticipate what’s to come.

Where other companies might be panicking about, for example, the phaseout of third-party cookies on Google Chrome, Lotame is energized and aggressive in helping everyone in the industry find solutions to our collective challenges.

What is the approach you often take to build a Data Privacy and Management team? What kind of talent and skill do you usually seek and hire for? What challenges do you meet in building effective Data Privacy teams?

As with new hires across the business, I’m looking for exceptionally bright people who are diverse in thought and spirit and approach their work from a holistic, big-picture POV. My team requires a number of different skills and palates that complement each other so there is room for growth and an opportunity for everyone to learn from each other.

The challenge in data privacy is that the pool of people with deep experience in the space is very small. GDPR certainly threw a lot of people into the deep end and in so doing, expanded their experience, and it has broadened the conversation and perspectives on data privacy, which is great.

I also am on the lookout for people with a keen sense of judgment that’s been applied in a number of different experiences and environments. What that reveals to me is innate adaptability and flexibility. This industry shows no signs of slowing down so being able to move fast, absorb, and synthesize with immediate takeaways and actionable solutions goes a very long way.

What legal tech solutions do you rely on to stay on top of your game?

I rely on a number of sources and technologies to stay sharp. I’m a regular reader of industry news, such as from IAB and IAPP, two organizations focused on data privacy. ESOMAR provides a global POV, which is critical as our world grows even more connected. I also skim at least two newspapers daily, one being international.

In terms of tech, I use Notability, a note-taking software on steroids. It allows me to record, visualize, snippet, and synthesize important information from virtually any format in one central place.

In the last 5 years, how much have the online data privacy and the data management businesses evolved?

In a word, tremendously. We’ve seen a tectonic shift from a period in which the mention of “privacy” might perk up a few ears to a time where everyone in the room is alert and deeply concerned. And, that concern is both on a professional level and a personal level as we are all consumers sharing our own data with the brands we know and trust — and unfortunately the bad actors out there.

I’ve also noted a real development in the sophistication of understanding of data privacy. Five years ago, it was de rigueur for data privacy and security to be conflated and confused.  Now there is a hyper-awareness among companies and consumers with data collection and its use cases, as companies work to understand and comply with new and changing privacy laws.

CCPA recently came into effect. GDPR has been there for some time now in the EU. How do these data privacy regulations impact your industry?

It’s clear we need industry-wide change to thrive, remain competitive, and deliver what consumers truly want and need. GDPR taught the industry a hard lesson, and if we don’t want to be wholly reliant on one to a few companies to implement “the solution,” then we need to work together to do the right thing for everyone involved, business and consumers.

I’m intrigued by the idea of an open set of standards in self-regulation that we all adopt or an open-source solution that everyone applies agnostically. From my view, it’s a shared problem across the industry that can benefit from a shared solution.

How have you managed to keep your data governance policies intact? What foreseeable changes should CEO/CMOs make to ensure they adhere to various customer data privacy regulations that are currently in place?

Say what you’re going to do and then do it. It’s as simple as that. CCPA was a good reminder for brands and publishers to revisit their privacy policies. How many emails did you get about a company’s change in privacy policy? I received a bunch that detailed in a transparent way how they collect and use data. The privacy policy reflects that. But privacy policies must be a living thing that changes as the industry changes and regulations change.

My advice to CEOs and CMOs is to build working groups or workshops to think about an industry-wide solution that provides customers and companies with the transparency and clarity they deserve around how data is collected and moved.

Lotame has created a private LinkedIn group for conversation across the industry on the Google Chrome Privacy Sandbox news. It’s small steps like this today that can move the needle and more importantly, move us all to action.

What would be your advice to young legal tech professionals who are looking to build a career with data and analytics-related companies?

I have three tips to be successful, not just in legal tech, but in all business:

1. Develop your understanding and knowledge of how business works. Learn the language, study the principles, read a variety of sources to develop your base knowledge.

2. Engage in the world and expand your POV beyond local and national borders. This commitment to being a citizen of the world is lifelong and will help you nurture your empathy, collaboration, and leadership skills.

3. Lastly, this industry moves incredibly fast so make sure you can move as fast and are able to distill information quickly and effectively.

Tag the one person in the industry whose answers to these questions you would love to read.

We’re a small industry that benefits from listening to voices outside our echo chamber, although there are many brilliant minds I’d love a few hours with. But I’ll tag the leading legal mind outside the industry whose opinion on data privacy I’d be intrigued to hear: Ruth Bader Ginsburg. She’s no stranger to tangling with opposing points of view, breaking new ground, and changing minds — all the while doing so with integrity, clarity, and conviction.

One superwoman/literary fictional character that you would like to play in life –

Wonder Woman. I mean, come on. She’s phenomenal. She has incredible will and determination; an ambassador; and also pulls the truth out of everyone and does so with elegance and grace. Plus, who wouldn’t want an invisible plane? I’ve had the chance to meet Lynda Carter (who played Wonder Woman on TV) and she embodies so many of these characteristics.

Amy Yeung is a General Counsel and Chief Privacy Officer at Lotame.

lotame logo

Lotame is the world’s leading unstacked data solutions company, helping publishers, marketers and agencies find new customers, increase engagement, and grow revenue through audience data. Our real-time data management technologies, global data exchanges, and award-winning customer service make us the unrivaled, unstacked choice for clients that want a flexible, scalable and cost-effective antidote to walled gardens from the large martech stack companies. As the pioneer data management platform thirteen years ago, Lotame has continuously innovated to become the trusted data solutions company for global enterprises.

Picture of Sudipto Ghosh

Sudipto Ghosh

Sudipto Ghosh is a former Director of Content at iTech Series.

You Might Also Like