I recently participated in the 2018 World Technology Conferencein Seattle. It was a great opportunity to meet lawyers fluent in digital and hear their diverse perspectives on digital regulatory challenges. Personally, I was in awe of finding 240 professionals in one room who could talk as long as I wanted to about policy; a geek fest of sorts, but in a relatable and good way. Professionally, it was an opportunity to confirm the vast challenges that global organizations face when working on their websites, social media, mobile application and artificial intelligence channels while balancing fair trade, privacy, and other issues de jour. Here are some of my takeaways.

Digital policies matter for startups and companies looking to be acquired 

No surprise that Microsoft (a key sponsor of the event) is heavily focused on regulatory and legal issues. The company is especially attentive to the compliance levels of companies it might acquire. The Redmond-based organization looks at target companies through the lens of risk and opportunity, applying mitigation strategies as needed. Some of those strategies include: putting an agreement in place that releases Microsoft of any legal responsibility for the target’s pre-acquisition compliance issues, using escrow for matters that might arise post-purchase, and having the acquired company pay off a “compliance fee” over time to help set things right. 

The Microsoft strategy solidified in my mind the importance of policies for companies looking to be acquired. Companies, especially startups, interested in being bought out can speed up the acquisition process or gain an advantage in the evaluation process by having policies in place.  If not policies, create some type of documentation that references the thought process around digital risk and opportunity evaluation. While companies are viewed by Microsoft as being more favorable if they have digital policies in place, startups ought to at least create memos on how they intend to become compliant with legal, regulatory, and industry best practice requirements.  This helps jump-start the acquisition discussion.

You can’t hide from GDPR no matter how hard you try

Ahead of the panel discussion on which I participated, there was only one question I had for our moderator: is there any topic we should avoid? The General Data Protection Regulation (GDPR) was the predictable answer. While we collectively tried our best, it only took 11 minutes before GDPR came up in our conversation. It is impossible to avoid. Every session had at least one mention of GDPR, with some sessions heavily focused on the regulation. What questions are lingering?

• Does any EU company offer to serve as a local representative for companies without a local presence?
• Is there a standard approach for validating that parental consent was given for the collection of a child’s personal information?
• What tactical solutions are available for compliance in the social media listening sphere where there is overlap between GDPR and other regulations (e.g., South Africa’s upcoming personal data regulation, Russia’s data localization requirement)? 

More digital policy issues are on the horizon

Currently, for the large, global organizations that I work with, their key concerns are websites, mobile applications, social media, and potentially customer relationship management and email channels. But there are so many more policy issues coming down the road for many of us.

• 4D printing is becoming a serious thing. It differs from 3D as it has an additional dimension – time. 4D printing leverages self-deformation once it is unprotected from heat and other environmental stimuli. In other words, items printed in 4D can evolve and change, not remaining stiff. There are many implications for such technology, from healthcare (imagine making a part to fit and adjust to a missing aspect of a body) to plumbing (imagine self-expanding pipes based on the amount of water flowing through them). Unfortunately, there is little guidance for organizations in this evolving arena and those enterprises choosing to be early adopters will need to consider the risks and opportunities of doing so and develop a sound policy to guide 4D applications.
• Wearable technologies are all around us from a consumer perspective. But what happens when the wearables are used in the workplace? This can include virtual reality environments for surgeries or even devices that route firefighters to get individuals safely out of a burning building.  There are many issues to consider, including accountability for negligence should a negative event take place as a result of the technology. How does a company enforce wearables on an employee who may disagree with the technology or have fundamental ethical issues with using them? Ultimately, what happens if, or better when, some wearable fails? 
• Agricultural technology is a thriving business with many moving parts and complexities around software, big data, drones, pharma, life sciences, and sustainable environmental applications. While farmers can leverage the technology to increase yields, thus lowering costs and reducing product time to market, there are also emerging concerns around who owns data and how it is used. Policy needs to be created to clarify not only ownership, but how the data is used in the context of employment, product contracting, and subcontracting.

There were so many fascinating subjects at the conference and I could spend hours losing myself in all of the trademark, fair competition, data and regulatory details that were buzzing around. My addition to the conference was centered on expanding that conversation to consider the breadth of digital that goes beyond legal and regulatory yet needs to be added to the conversation (e.g., brand, technology selection, publishing rights and approvals, etc.). 

In the days since the conference, I have continued to reflect on emerging topics such as the afterlife of data and what happens with technology ownership, blockchain, cryptocurrency and regulatory governance of data-based business models. There is no doubt in my mind that I will continue the conversation with many colleagues from the event through one-on-one conversations as well as upcoming ITechLaw webinars and collaboration calls. I am also excited to bring some of my new insights to client engagements and conversations with you and other colleagues.

If you are interested in hearing more about any of the above observations or need consulting support for your organization’s policies, please get in touch. 

Photo Credit: Brady Harvey/Museum of Pop Culture