Denelle Dixon-Thayer joined Mozilla in 2012 as an associate general counsel and has since risen to the position of senior vice president of business and legal affairs in which her responsibilities include business development, public policy and managing the legal department.
Registered as a non-profit, Mozilla is an open source browser, meaning the code that makes it work is available for anyone to scrutinize. Many of its employees hold strong beliefs about privacy, and are as Dixon-Thayer calls them “privacy engineers” who insist on transparency about the company’s data collection policies.
Mozilla itself has created a series of tutorials such as its Smart on privacy series available at the company’s Mozilla.org website. “We’re going to be doing our smart on security soon,” she said.
Dixon-Thayer spoke with Big Law Business in a discussion about privacy and technology issues in the legal profession. An edited transcript follows.
Make sure you have policies. That’s what I would say for lawyers.
For the most part, many law firms don’t transact their business of being a law firm over the Internet.
A lot of times we’ll seek reductions based on the fact that we’re using a law firm globally including in places where rates may be lower.
Big Law Business: Today, most lawyers bring their own devices. Is there an easy way to manage this?
Dixon-Thayer: This is an area that’s rife with concern. This is something I think about as the head of the legal department here. It’s concerning just because, what if somebody misplaces their device? It needs to be able to be wiped remotely. There needs to be really good password management, so you’re changing your password on a constant basis. There are ways you can encrypt it, so that if someone does find the device, everything on it is encrypted. It’s a concern, but it’s a reality.
Big Law Business: What are the worst case scenarios?
Dixon-Thayer: I always think the worst case scenario is a phone gets lost and it didn’t have a password. That would be terrible from the standpoint of a law firm, which has all that confidential data. The other scenario would be if it got hacked. The thing you can do is focus on best practices for the industry and just make sure everyone’s aware. Make sure you have policies. That’s what I would say for lawyers.
Big Law Business: What are some of the most important laws emerging?
Dixon-Thayer: From a client service perspective, there’s going to be a lot of laws coming out of the E.U. We’re going to need to be able to manage through disclosure requirements. It’s very complicated and it’s particularly complicated when you’re dealing with a client like Mozilla that sits in lots of different regions.
From the domestic standpoint, the laws that are structured around data disclosure. For instance, if there was a data leak – and you need to disclose it – these things vary state by state. We think that it’s really important for users, and that could be clients and it could be employees, to have a very good understanding of what’s happening with their data.
Big Law Business: Law firms have been under scrutiny lately for having lax data security procedures. Any thoughts about why?
Dixon-Thayer: Tech companies confront this every day. We need to be very vigilant and try to educate our users about this. That’s not the traditional space that many law firms occupy. For the most part, many law firms don’t transact their business of being a law firm over the Internet. I encourage firms to really understand the data protection laws. There’s just so many things out there.
Big Law Business: Can you talk a little about some of what’s been happening at Mozilla around privacy and data security issues?
Dixon-Thayer: From a browser standpoint, Firefox is your client. It’s on your hard drive. It collects data on you. But that data is not sent to Mozilla*. That’s very different from other browsers. I think that’s a point of differentiation.
We also have a feature called, ‘do not track,’ that you can set your browser to say, ‘I don’t want to be tracked.’ It’s a signal that the browser sends out to sites that you visit so they don’t collect data on you. But other sites have to respect it and, to be honest, that hasn’t been that effective because other parties out there haven’t respected it.
Big Law Business: What kinds of issues do you have with outside counsel?
Dixon-Thayer: We use outside counsel. We have a nice bench. We have lots of relationships. I think that every firm should be approaching each assignment on a project basis and what makes the most sense in that particular situation. A lot of times we’ll seek reductions based on the fact that we’re using a law firm globally including in places where rates may be lower. Also, a firm may have people all over the world working for us. I want to be able to go to one person and say, ‘I’m having a problem, how do I fix this?’ A single point of contact makes it so that we’re much more streamlined in terms of how we operate.
Photo CopyrightBLOOMBERG NEWS
* Dixon-Thayer originally said Firefox, but corrected her statement to Mozilla, the non-profit parent company.