GZ: Let’s start at the beginning of your professional career. When and how did you come to realize that a career in law would be your preferred path?
RB: As a teenager I thought I would follow my parents who were both dentists and work with them, but I soon realized that I was never going to pass school exams in physics, chemistry, and biology, so I would never have the right qualifications to get to university.
I was however good at history, economics, and English literature, and I also was good at acting, so I had the basics that lawyers need. I think I was 15 years old when I told my parents I wanted to be a lawyer. I got work experience through a family relative who was senior partner of a local law firm, and I really enjoyed corporate and commercial law. After university and further post-graduate examinations, I trained with the same law firm, but then joined another law firm after I qualified as a solicitor in 1979.
GZ: Much of your career has focused on data protection and privacy matters. What was it about this area of the law that attracted you?
RB: In 1979, my next-door neighbor, who was about 18 years old, developed a video game called Invader’s Revenge. He asked me to act for him on his publishing deal, and I soon realized that I was one of the first lawyers to get into computer games law. I eventually acted on the Tomb Raider games, the James Bond games in the ’80s, for Electronic Arts in the ’90s, and then Second Life in the ’00s. Even back in the ’80s, I was having to advise on data protection, as these game companies were collecting data about the teenagers playing the games and the parents who paid for them.
By the late ’90s, I was doing more international data privacy work than any other legal advice. Once again, more by luck than design, I was one of the first lawyers to get into data protection and information security laws. I ended up getting asked to give input and advice to governments in the United Arab Emirates, Japan, Singapore, Malaysia, South Africa, and Brazil as they developed their laws.
It has been educating and rewarding to be part of the development of data privacy and data protection laws and regulations, and then to help organizations to implement compliance procedures and react to data incidents and so on.
GZ: You’re based in the United Kingdom (UK) and are a highly regarded expert on the General Data Protection Regulation (GDPR). However, your expertise extends to data protection and privacy laws in many other jurisdictions due to the multinational nature of your clients. What common trends and themes have you noticed as the many laws on data protection have evolved?