TechBytes with Pauline Wen, Chief Privacy Officer and Corporate Secretary at Lucid

Hi Pauline, please tell us about your role and the team/technology at Lucid.

I wear a few hats at Lucid – as General Counsel, I am responsible for all legal matters, which on any given day can include almost anything, such as commercial contracts, employment matters, privacy, intellectual property and compliance matters. As Chief Privacy Officer, working closely with IT, Product, People and other teams, I work on data privacy which could involve personal information/data about employees, survey respondents, and partners or vendors. I also negotiate contracts and provide product advice, and may deal with a security incident. I am so excited to join such a talented team of people at Lucid who have effectuated such a change in this space.

From working with large media and advertising brands, what inspired you to join Lucid?

I have been involved in the ad tech industry since its inception (from a publisher’s standpoint) and have had a front seat as it has evolved. Lucid’s programmatic platform leverages my programmatic ad platform experience and applies it in a different, but related, industry. In addition, Lucid’s Audience products make me feel so much at home, as they directly serve the advertising and media spaces. The opportunity to apply my experience to such a dynamic company made my decision easy.

How is the Privacy’s Officer’s role different from that of a Chief Data Officer? How do you work with other C-level executives, especially the Chief Information Officer?

I view the Chief Privacy Officer as an equal partner to a Chief Data Officer – two horses pulling the same cart. The CDO’s role (similar to the CIO) is to strategize on data and the CPO’s role is to strategize on how we can responsibly collect, use and protect data; together, we figure out the best way to do that. Similarly, the Chief Information Security Officer and Chief Privacy Officer are two sides of the same coin, ensuring that we protect the data that we have – in fact, some of my best partnerships have been with the CISO. Relationships with other C-suite execs, such as the CTO and the COO, are also key to strategically effectuate the company’s goals in a privacy- and cybersecurity-conscious and responsible way.

Hear it from the pro: How does privacy measures impact Sales and Services?

Privacy affects every aspect of every business these days. Everything you do on a mobile app or website involves the collection of personal data. So many sales and services processes occur on a digital platform, so what you collect, who you share it with and for what purposes becomes key.

We just celebrated GDPR’s second anniversary. CCPA also became a law earlier this year. How do you see GDPR and CCPA strengthening the global/regional data privacy governance?

These laws and others have made privacy a market differentiator and heightened the importance of responsible data collection and use. It has made these issues front and center and it’s a good thing. With more awareness comes more thoughtful practices.

Why should all modern organizations combine legal and cyber security measures?

In my view, cybersecurity is a key element of any organization – both to protect against unauthorized disclosure or access to personal information and to protect competitive information. In addition, there are legal requirements to appropriately protect information in a manner that takes into account the sensitivity of the information you have. You need to protect yourself from hackers and others who may try to access the information (personal and competitive) you have.

How much has the Chief Privacy Officer’s role evolved in the last 2 years?

The CPO role started more as a compliance role, but I’ve seen Privacy evolve to being more embedded in a business’ DNA such that privacy has become part of the technology development life cycle and is considered from inception. I arrived at Privacy from a product, commercial deal and technology perspective, rather than a compliance perspective, so I’m happy to see this evolution.

When customers are picking convenience over experience, how is Lucid ensuring consumer data privacy in the digital space?

Lucid has always maintained a light footprint in what is collected from survey respondents on the Lucid platform. We don’t ask for respondents’ name, email or other contact information, and we also are upfront through our consent.

As a Privacy advocate in the tech world, what advice do you have for the legal and security professionals when it comes to up-skilling and career focus?

Privacy has become embedded in our everyday lives and has become important personally and professionally. If you have a professional interest in privacy and cybersecurity , there are many industry groups where you can become more educated on privacy and cybersecurity.

If you have been a lawyer for a while and are looking for a change, you can approach it like I did, after spending time as a product and deal lawyer where privacy became increasingly important, or you can approach it from another legal specialty, such as litigation or compliance, and pivot professionally. In the end, follow what interests you and it’s never too late to make a change.

If you’re just starting out, I know privacy is now offered in law schools, but I encourage those entering the legal profession to get a well-rounded experience.