Clara-Ann Gordon’s practice focuses on TMT, outsourcing, data protection, internal investigations, e-discovery, cloud computing and compliance. In addition to her advisory and transactional expertise, Clara-Ann also represents clients in court proceedings, mediation and arbitration. She regularly publishes and speaks at national and international conferences. She is a former chair of the technology law committee of the IBA; member of the board of directors of ITechLaw; co-chair of IAPP’s Basel/Zurich KnowledgeNet chapter; and president of the Association for IT Conflict Management.
WHAT MOTIVATED YOU TO SPECIALISE IN DATA PRIVACY LAW?
As data is increasingly recognised as the distinctive asset in our digital age, more and more companies are aspiring to capitalise on this new gold. Data has become an asset. Data can make companies very valuable. I think it is challenging and inspiring to navigate between, and balance, the rights of the data subjects against the interests of the controllers (companies).
HOW DOES NIEDERER KRAFT FREY’S DATA GROUP STAND OUT FROM COMPETITORS IN THE MARKET?
The diversity and broad experience has enabled Niederer Kraft Frey to take on work in a number of specialised areas including sport-related issues, broadcasting rights, data privacy and the Internet of Things (IoT). The corporate background and the specialisation in technology and data protection, combined with the strengths of Niederer Kraft Frey’s other practice groups, give clients access to a broad range of expert knowledge. In such a quickly evolving field as data protection and technology, our lawyers keep abreast of developments through being active members of industry groups. Innovation and keeping at the forefront of developments are key. This is made possible by the excellent network of international law firms (through cross-border collaborations on transactions) and networks in the technology sector.
WHAT ARE THE MAIN CHALLENGES YOU FACE WHEN ADVISING SWISS CLIENTS ON GDPR?
At first it is hard for a Swiss client or company to understand why it is subject to European legislation. It takes some convincing that the GDPR will also be applicable to a non-European company without an establishment in the EU, which is offering goods or services to the EU’s market or monitoring the behaviour of people living in the EU, due to the newly introduced extraterritorial reach of the GDPR. Not being a member of the EU, the direct applicability of EU law is new for Switzerland. Since, however, the Swiss Data Protection Act will be revised to be aligned with the GDPR, Swiss clients understand that sooner or later they will need to adapt.
TO WHAT EXTENT DOES SWITZERLAND MATCH WHAT THE EU DOES IN DATA, OR DIVERGE FROM IT? WILL THIS CHANGE?
Due to the heavy cross-border transactions between Switzerland and its European neighbours, it is crucial for Switzerland to receive the adequacy decision from the EU, according to which the Swiss Data Protection Act provides an adequate level of protection. Hence, the Swiss Data Protection Act is currently being revised and will be, it is assumed, over 80 per cent aligned with the provisions of the GDPR. There are some so-called “Swiss finishes”, where Switzerland will introduce stricter or different rules. One of these “Swiss finishes” are the fines that are lower than those under the GDPR – 250,000 Swiss francs. However, they are imposed on the individual and are therefore ad personam.
HOW HAS THE ROLE OF THE DATA LAWYER IN M&A TRANSACTIONS DEVELOPED IN THE PAST FEW YEARS?
Whereas prior to the introduction of the GDPR data protection issues were not a big deal in any kind of M&A transactions, data protection has become a serious compliance matter. Today data protection compliance is one of the key questions, and separate data protection due diligences are conducted that encompass not only the review of documents but also interviews with the CIO or head of compliance in order to gain insights as to how the applicable data protection laws are actually complied with in everyday business practice.
HOW HAVE AUDITING FIRMS AND OTHER SERVICE PROVIDERS AFFECTED THE COMPETITION IN THE SWISS MARKET FOR DATA PRIVACY AND PROTECTION WORK?
Audit firms and other service providers are a serious competition to us lawyers in Switzerland, since they are often, due to their audit work, very close to the client. Moreover, these firms often have excellent software tools that assist them in their data protection audits and work. Nevertheless, we still think law firms offer a more holistic approach (eg, tax, corporate, litigation, regulatory, etc) when advising on data protection matters, which is beneficial for the clients.
WHAT IS THE BEST PIECE OF CAREER ADVICE YOU HAVE RECEIVED?
If at first you don’t succeed – try, try again.
HOW WOULD YOU LIKE YOUR PRACTICE TO DEVELOP OVER THE NEXT FIVE YEARS?
Data and technology play a main role in almost all sectors. I look forward to seeing best practices developing and the laws adapting to enable new technologies and the protection, and also the free exchange and transfer of personal data.