Marcy Wilder walked into her boss’s corner office at law firm Hogan Lovells in 2010 with an idea that seems quaint in retrospect: Start a team dedicated to cybersecurity and privacy.

Many companies at the time were only beginning to face the threat of cyberattacks, and the European Union hadn’t yet set off a global chain reaction of privacy laws. Hogan Lovells didn’t issue a press release after it created the practice group, Ms. Wilder said, “because no one would have been interested.”

Since then, her team has grown to about 85 lawyers amid a global boom in the field.

“Times have changed,” said Ms. Wilder, who specializes in health privacy and co-leads Hogan Lovells’s privacy and cybersecurity practice.

Regulators from Sacramento, Calif., to Brussels in recent years began enforcing laws to rein in what companies can do with personal data, while nations such as China, India and the U.S. are considering national rules of their own. High-profile data breaches, coupled with a surge in cyberattacks on remote workers during the coronavirus pandemic, upped the ante for such protections, consumer advocates say.

The looming need for privacy pros—and attorneys in particular—brings to mind the iconic line from the 1975 thriller “Jaws,” said J. Trevor Hughes, president and chief executive of the International Association of Privacy Professionals, a trade group.

“We’re gonna need a bigger boat,” he said. Mr. Hughes estimated that over a third of IAPP’s more than 65,000 global members are lawyers, with other roles including software engineers, analysts and corporate data protection officers.

Companies that rely on customer data to anchor their products and services are driving demand for much of the legal talent, with some startups paying privacy lawyers as much as general counsels, said PJ Harari, a partner at the legal recruitment firm Major, Lindsey & Africa.

“If it’s a tech company or a health-care company, it might be their second hire,” Ms. Harari said…

…Chief privacy officers have long managed such issues in heavily regulated industries such as financial services and health care, privacy experts say. But the role is now more common at other organizations, such as Carmel, Ind.-based car auctioneer KAR Auction Services Inc. and ad agency Universal McCann, which both named their first CPOs this year.

Arielle Garcia, chief privacy officer at UM, part of Interpublic Group of Cos., isn’t a practicing attorney. But she said her law degree has been crucial in understanding dense legal texts and applying them to day-to-day operations, including by training and appointing a staffer as “privacy champion” of each client account.

“A lot of questions are going to the privacy legal team where, truly, they need a partner on the business side,” Ms. Garcia said. Understanding how data is used differently across platforms such as Facebook Inc. and Alphabet Inc.’s Google is crucial to crafting advertising strategies, she said.

Coordination similarly is key in New York, said the city’s chief privacy officer, Laura Negrón. Formed in 2018, Ms. Negrón’s six-lawyer team evaluates data collection and usage by 175 agency-level privacy officers across city government, including for its Covid-19 contact-tracing program.

Read Full Article On The Wall Street Journal.