As the level-head of the business, the GC promotes strategic influence while, at the same time, supporting crisis scenarios. A balanced approach is essential as the expectations placed upon General Counsel – integrity, leadership, knowledge – they bear greater weight than most executive roles.

TechGC is all about sharing stories (war stories especially). By observing others’ approach to issues, we open windows of insights to our own.

Operating legal in a cloud based company?

“Civis Analytics is a data analytics technology company that offers cloud-based solutions to help organizations use data to inform their most important decisions and audience campaigns. Our founder, Dan Wagner, built the core data science and technology behind the first data-driven Presidential campaign in 2012. After the campaign, Dan and his team noticed that a similar problem exists across organizations that need to reach people: building messages, finding customers, and measuring campaigns with math and science. They started Civis to bring that same approach to companies, nonprofits, and governments.

Our clients range from some of the world’s biggest companies to the largest social causes, including McDonald’s, Discovery, the Human Rights Campaign, and the Bill & Melinda Gates Foundation. The goal is the same for all – unlock data to understand key audiences, create targeted campaigns to compel them to action, and measure what’s working.”

Hiring a legal team for growth?

“In addition to me, we have one talented in-house attorney who handles the majority of our client agreements. She works very closely with our product and business teams to understand our offerings and to negotiate and review our agreements with commercial, non-profit and advocacy, and political clients. She also works on optimizing our contract management process and tools, from intake through execution, and collaborates with me on various legal projects.

We have a burgeoning government data science business (which quadrupled in the past three years) and we are currently FedRAMP in-process, with the expectation that this investment in our security and data programs will allow us to grow our federal government work. Because government contracting is so  specialized, we also work with a part-time contract attorney, staffed through an external provider, to respond to RFPs, draft templates, and review and negotiate government agreements. My team also consists of two non-lawyer compliance professionals, who specialize in information security compliance, and our Cybersecurity team who support global information security strategy, compliance, and risk-based programs focused on protecting information systems, product, and data, as well as detection and response of threat.”

The best approaches to data protection and privacy?

“Data protection is likely top-of-mind for most GCs, including those who don’t work at data companies. I’ve highlighted a few areas that I view as key to an organization’s data security program.

  • Preparation: While I don’t spend all of my time planning for doomsday, I do adopt a “when, not if” mindset when it comes to data protection. We need to be prepared for a worst-case scenario. And while that scenario will hopefully never materialize (in part because we’ve taken industry recommended steps designed to minimize the risks), the act of preparing for it alone will challenge us to become more secure. That preparation involves inventorying and understanding the nature of data within our organization (data classification), including where the most sensitive data resides; following end-to-end flows through (and out of our organization) and the controls that apply to it along the way; and confirming who has access to the data. Once we have those answers, we can ask the hard questions. Do we need to keep the data for as long as we do? Can we perform certain tasks with less data? Do these employees need access to the data, and what is the appropriate level of access (least privilege principle)?
  • Partnerships: This is not an area where legal can (or should) go it alone. It’s important to establish a relationship with your organization’s Information Security Team, as well as with the Engineering and IT teams who may be responsible for implementing any proposed security enhancements and who are knowledgeable sounding boards and invaluable resources.
  • Putting Yourself in Your Customers’ Shoes: We need to remember that our customers – whether other organizations or individuals – have entrusted us with some of their most important information, from business strategies to credit card numbers. This is a privilege and not a chore. We should challenge ourselves not only to meet, but to exceed, their expectations.”

The best way to build trust in the legal department?

“It sounds very obvious, but I do what I say I will. My actions need to match my words, and if for some reason I cannot follow through on what I’ve said, I’m transparent as to why. Moreso, while I can tell my team and my colleagues what my priorities and my values are, I prefer to show them. I can tell them that I value their time, but it means more that I set clear agendas for our meetings and don’t email after hours or on the weekends. I can tell them that we should have a growth mindset and learning culture, but I need to back that up with a budget that provides for them to pursue certifications and attend conferences. I can tell them that I value cross-functional partnerships, but I need to demonstrate that by being curious about other teams’ work and getting their input on what they think their relationship with legal should look like.

I’ve heard other GCs say to “fake it ‘til you make it,” and I understand where this is coming from in terms of exhibiting confidence and trusting your sound judgment. But I’m at a new company, in a new industry, in a new role. I don’t, and I’m not expected to, have all the answers. What feels more natural to me is to embrace that I will always have more to learn. The most impressive thing about Civis is our people – their intellectual curiosity, their tenacious pursuit of excellence, their desire to better their clients and communities. We have so much to gain from each other, and it’s important that my colleagues know that I recognize their value and I genuinely want to learn from and with them.”

About Laura Belmont

As an attorney, compliance professional, and mom, I spend most of my days listening, solving problems, distilling complex concepts into easily-digestible information, and answering “why” and “how” questions. I started my career in the non-profit sector focusing on disability advocacy and civil rights, and then took what I thought would be a quick detour to private practice. Much to my surprise, I enjoyed working at a large law firm – the fast pace, the novel legal issues, the intellectual and academic rigor, and the incredibly talented colleagues and mentors. When it came time to return home to Philadelphia, I transitioned to an in-house role so that I could focus on what I like most about lawyering – working closely with businesses, creatively navigating complex issues, and solving problems with a focus on collaboration, innovation, and practicality. I’ve always felt a pull back to mission-driven work, which was amplified in 2020. That led to a leave of absence to perform voter protection work in Pennsylvania for the 2020 General Election and now, a new professional challenge. As General Counsel of Civis Analytics, I get to marry my interests in helping businesses thrive and serving my communities by bringing data-driven truth to organizational decision-making for some of the world’s biggest companies and the world’s largest social causes.