10 questions with Claire Jones

Claire Jones has been a key member of the Privacy Compliance Hub team for the past five years. She’s also a qualified lawyer and co-founder Nigel’s wife! We ask Claire what she loves about the law, the common mistakes she sees organisations making and about her vision of a more privacy-focused society

By Emma Sheppard

Privacy Compliance Hub writer

April 2022

Hi Claire, tell us a bit about what you were doing before you joined the Privacy Compliance Hub (PCH)?

I qualified as a lawyer in corporate finance and then worked with a law firm in the City for seven years doing a mix of corporate and commercial work. After my first child was born in 2004, I left because I found the hours were incompatible with having a family. The children are older now and I’ve since reinvented myself as a specialist data protection lawyer. 

What made you want to go into law? 

I didn’t know what I wanted to do when I was at school. I did a degree in Business Studies but while I was studying at the Polytechnic of Central London (which is now the University of Westminster), I took a few law modules and enjoyed them. After I graduated, I ended up doing a two-year law degree at Queen Mary University. I really enjoy the academic study of law. I like the purpose of it – how it regulates how people behave towards each other and the impact it has on society. 

Check out our short product walkthrough video for an understanding of how the hub works

Click here to watch

What was life at the law firm like? 

Well that’s where I met Nigel! He was in a different department and further ahead in his career than me. The firm employed about 500 people and it was nice to work in a big firm with lots of people. It was a dynamic environment and I got to rub shoulders with a lot of experts in their field. 

I think the hours were the worst thing. There was a regular succession of nights in the office until 1am or 2am, and then back in for 9:30am the next day. There’s only so long you can do that for. And at the time, it also wasn’t the sort of job you could leave at 5:30pm to pick up your child from nursery. 

When did you join PCH?

It was in 2017, about six months before the GDPR came into force. Nigel had mentioned he needed a bit of help, and I said, ‘well what about me?’ I didn’t know much about data protection law but I knew I could learn quickly. And it’s a very interesting area because it touches everyone’s lives. 

How do you find working with your husband? 

He’s not a micromanager, so that’s good! I’ve had to get used to the PCH style – I’ve naturally got a wordier, more detailed way of writing, whereas PCH is more about making everything simple, accessible and straightforward. Most of the people reading our privacy tips, for example, aren’t lawyers so they have to be easy to understand. 

One of your responsibilities is PCH’s social media feeds. Where do you think the momentum is around privacy at the moment? 

People have become much more aware about the importance of privacy. I think the Covid-19 pandemic has really accelerated that as people’s lives moved online. We’re seeing more stories in the press about data breaches and how big tech is handling people’s data. People are starting to realise the information collected about them isn’t just what they enter into an online form. Profiles are being created about people that also include location data, browsing habits and much more. 

Are there any common mistakes that you see organisations making when it comes to privacy compliance?

Probably the failure to be transparent about the data they’re collecting and what they’re doing with it. They also often collect data they don’t need. Retailers don’t need my date of birth, for example. And then just the classic human errors, such as data breaches caused by sending out an email to lots of people CC’d (rather than BCC’d). You’ll never get rid of 100% of human errors but a lot of those mistakes can be minimised with frequent training, and building a privacy-first culture. 

Is that becoming harder with hybrid working? 

It’s definitely harder for employers to keep control when people are working remotely. There was one example of a data breach in Ireland recently, where someone had printed off a lot of sensitive customer information and just put it in his domestic recycling bin. It was a really windy day and the wind blew the lid off. Customer data was strewn all over the road. If he’d been in the office, those documents probably would have gone straight into the shredder. 

If you want more practical content like this article, please click below to sign up for our monthly newsletter.

Sign up now

What do you like doing outside of work? Are you in the garden with Nigel?

Definitely not. I’m not a gardener, I’m a born and bred Londoner and I’m not comfortable in places without pavements. I play tennis once a week (there’s a group of us who’ve played together for years) and I’m a big reader. I’m reading the Age of Innocence at the moment. Edith Wharton was the first woman to win the Pulitzer Prize, and it’s about the life of the upper classes in New York in the 1870s. I’m enjoying it so far. There are lots of classics I’ve got on my list to read! 

What are your predictions for the future of privacy compliance? 

Obviously privacy is not going to go away. One thing I’d like to see the back of is live facial recognition technology. It takes away people’s anonymity and is so flawed – it doesn’t work as well on women’s faces or people with darker skin, for example. Companies like Clearview AI which has scraped billions of photographs of people from social media to develop their algorithms. I do think at some point we’ll look back with horror at what’s been going on with people’s data. A bit like how we look at the factory conditions during the Industrial Revolution, when children were working, people got maimed, and there was no health and safety legislation. Misuse of data can be very harmful, particularly for vulnerable people. Gambling addicts can be encouraged to place more bets, a young teenager watches a video about anorexia and is then bombarded with similar content. I hope that a safer, more privacy-focused future is possible. We’ll see what happens.

More to watch and read