Over the past two decades as a lawyer and law professor, I’ve been to plenty of conferences: grand ones organized by professional membership associations with fancy keynotes speakers and high production value; little academic ones where only the twenty people in attendance know about (or care about) the subject. They all have something in common: They are professionally monocultural by design, with lawyers teaching other lawyers about law.
RSAC will be refreshing. When I filled out my registration form, it was not even possible to select “counsel” or “lawyer” as my job title. The information security world is professionally multicultural. It requires cross-disciplinary training and exposure to solve complex security challenges. I cannot be a good data privacy and security lawyer without learning to speak IT security. Information technologists now need to be familiar with the difference between a security breach and a contract breach. Mixing us all together in the high-tech capital of the world is simply brilliant. I can’t wait.
I confess, of course, to nervous anticipation. My primary expertise is intellectual property law, which typically involves working with scientists, technologists, and entrepreneurs when they are optimistic, hopeful, excited and looking toward what they hope is a promising and lucrative future.
IP represents novelty and innovation, people taking advantage of their creativity and intelligence to improve their lives and those of others. The fundamental purpose behind patent and copyright laws is to promote human knowledge and scientific progress, to incentivize people to generate art, music, poetry, and other expressive works for society to enjoy. These laws spring from constitutional foundations and inspire productivity and creativity.
Information security is necessary because people cannot be trusted. They make mistakes, they act maliciously, they are spiteful, and they commit crimes. Laws around data protection have sprung up very recently to require enterprises that handle data to manage that information in particular ways. Liability is shifted from client to vendor through contracts, cyber insurance products are now for sale, and fear drives the purchase of technology products, and consulting and legal services. I happen to like this dark world because it’s just as intellectually intriguing as the creative one. The people who work in information security are excited by discovery too – catching the mouse, perhaps, rather than creating the trap. They love the science and technology that drives information management, and they are smart, motivated and curious.
So, thanks for having me, RSA Conference. I am impressed by your history of bringing diverse experts together in acknowledgment of the complexity of these problems. I’m excited by the technology topics as well as the legal and policy ones. I’m thrilled at how many people (like me) have discovered what a terrific event this is. And I’m looking forward to meeting you all!