ll of our clients' needs, no matter how intricate, are within our scope of service as stated by Paul Lanois, Director of Fieldfisher. However, what sets us apart from the competition is our unparalleled prowess in the areas of energy and natural resources, finance, the life sciences, and technology. Our reputation for providing highly commercial advise to clients rests on the strength of this specialized knowledge.

Paul is an attorney—admitted to the bar in California, New York, the District of Columbia (DC), and the Supreme Court of the United States. His practice focuses on information governance, digitalization, cybersecurity, and data privacy; simply put, his work covers anything that involves the use (or transfer) of data, either within an organization or between organizations.

Paul is grateful for his opportunity to have career mentors. The partner he worked with at his first law firm (Simpson, Thacher & Bartlett) had a huge impact on his career because he got to deal on technology-related matters. He was grateful to have worked on some intriguing cloud-related projects when the cloud was in its infancy, which led to his study "Caught in the Clouds: The Web 2.0, Cloud Computing, and Privacy?" published in the Northwestern Journal of Technology and Intellectual Property in Fall 2010.

Paul has always been interested in technology and enjoys new gadgets and computer hardware, so he wanted a specialization that would benefit from his legal background. Privacy's location between law and technology attracted him. When he started, privacy wasn't as popular as it is today, and many of his contemporaries avoided privacy, security, and technology jobs because they were too technical. He said law and technology made sense to him, and therefore he was pleased to work on them. Today, he likes to look at how new uses of technology, like AI, machine learning, facial recognition, and IoT devices, give new and interesting legal perspectives.

Due to privacy advances, many clients are reviewing their privacy compliance strategies like-due to new rules or regulations, like the anticipated US state privacy laws in 2023. Organizations have refocused on their security framework like security measures, security policies, cyberattack response plans, etc. Hence, that's another area keeping Paul busy. Some of the things that are done to make sure that privacy laws are followed are data mapping, privacy policies, reviewing data processing agreements, etc.

Paul has advised on the development of intriguing new technologies like autonomous driving, VR headsets, and AR devices. He recently completed an anti-cheat tool for multiplayer games. It was interesting to see the privacy and security considerations that come into play to secure an online game and ensure that other gamers aren't disadvantaged or have a worse experience that would make them stop playing.

Paul would put in place a federal privacy law to replace the patchwork of privacy regulations already in effect. With additional privacy laws (e.g., California's impending CPRA, Virginia's CDPA, etc.), it's harder for corporations to comply in all 50 states, he notes. Federal legislation will make it cheaper for companies that do business in many states to follow the law. This will help organizations of all sizes, but especially small and medium-sized ones.

Paul says COVID-19 has shown the IT industry's resiliency and the workplace's future. Remote work and videoconferencing (using Zoom) are now common. They've also seen the practical benefits of AI-driven solutions, such as reducing background noise from the microphone, creating virtual backgrounds without a green screen, etc. 5G and Wi-Fi 6E provide high-speed connectivity. He thinks that in the future, many people will be interested in working from home or from different places.

Compliance with the increasingly complex global privacy law framework is often difficult. Privacy laws may give consumers similar rights, but they are not exactly the same in every country. This means that organizations have to deal with local differences and specifics, explains Paul.

Paul explains they are looking at a growth in data volume and complexity driven by an increase in data collection across virtually all industries; multiple data types; multiple channels; multiple data inputs (e.g. embedded, IoT); and an even broader adoption of AI and machine learning.