In this fireside chat, Ken Priore, ex-Director of Privacy: Product and Compliance at Atlassian, discusses his journey into the tech world, current privacy and AI concerns for GCs, and how to successfully work with entrepreneurs.
Your career has spanned across a number of notable high-growth tech companies like Box and Grindr, how did you end up as an in-house GC focused on big tech privacy?
My first role was actually in-house, where I started at Charles Schwab. I was hired directly from law school, during a time of tremendous growth at the company. It was a very legal-focused organization back then, with over 100 attorneys, and they were emulating the law-firm model by bringing in associates early in their career and giving them on-the-job training in financial services and compliance. After a few years there, I got the startup bug and joined MVC capital, a VC firm, which ran extremely lean with only about 20-25 people, where I was the sole in-house counsel.
I’ve never really had the traditional parth going from firm to in-house, but I think that’s because what drives me is working on products or projects that are novel and haven’t been done before. One of the great benefits of being in the Bay Area is the constant exposure to people and entrepreneurs who say “how can we do this differently?” and I think that mindset has made a big impact on how I operate as a lawyer to this day.
What have been your biggest learnings from working with entrepreneurs?
Knowing your limitations is one of the hardest things to communicate, especially when you’re leading a business. When you’re in pitch mode and people are trying to raise capital, you want to see people with the mindset of “we’ll solve any problem.” One of the things I try to figure out when working with entrepreneurs is if they understand their own capabilities – and if they can see where they’re lacking knowledge and need to turn to outside help.
When working with entrepreneurs, it’s important to know where they are in their journey, what they know, what they don’t know, and how much of that they’re willing to communicate with you. The type of guidance I give to them on a particular subject of regulatory space really depends on where they are as an entrepreneur.
It’s true that sometimes you just need to put more cognitive horsepower behind a problem or get more resources. However, other times the solution is more creative and involves operating in gray areas or reallocating already existing resources. My biggest learning when working with entrepreneurs is that to communicate effectively with them, you need to understand who they are as a person and what’s driving them.
What have been some of the big challenges for you as GC?
One of the challenges that I still continually face is how to get the right connections with the right people, and that’s especially difficult in large organizations that are constantly evolving with new mandates and OKRs. It can be hard as a GC to make sure you invest the time in building the necessary connections with company stakeholders so that you can understand each of their unique concerns.
There are always concerns beneath the surface that you need to worry about as GC, and it can be tougher to figure out what those are if you’re operating in a remote environment. The way that I’ve learned to solve this problem through my career is by budgeting more time to meet with people as individuals so that I have regular touch points that go beyond what’s going on in their day to day.
As a GC, you need to get to the bottom of what leaders are worried about before they’re ready to admit it’s a concern for them, and that comes from investing time in building a lot of trust across the organization.
How did you get so involved in big tech privacy? How did that become a focus in your career?
I started my career in financial services, where there’s a big focus on knowing your customer and holding their financial information sacred. That thread has continued throughout my career as I’ve worked for everything from enterprise software to mobile applications. Grindr is a great example that I use when talking to law students about how enterprise and cloud applications are related.
When it comes to either product, we hold the most important piece of information that we have about this individual, whether that’s their financial information, their dating profile, or their next great pitch.
All of that is part of big tech privacy, and over the last few years I realized that it was one of the things I had started to focus on more organically over time. What I find especially exciting right now within all this privacy work is product counseling; product counseling is the mechanism that I use to work with my internal teams as they develop projects.
I keep a Rubik’s Cube on my desk to remind myself to always look at problems creatively. Any attorney in the technology space, regardless of their speciality, should take on a product counseling mindset. How are you helping the team solve problems in creative ways? How are you helping them go to market and put deals together?
Regardless of the industry you’re in or the problems you’re facing, product counseling is an incredible framework that I lean into in the way that I practice law. What excites me the most as a GC is wondering, “what are you trying to build and how do I help you build it?”
How do you think GCs should be thinking about generative AI as they incorporate it into their businesses?
In the generative AI space, the best practice that any organization can do is first to make sure that they have a good sense of control around the data that they’re going to be sharing with these tools. They have to have an understanding of what will happen once they share their data, and what the output will look like. Then they need to examine it from an ethical data framework to understand the implications of the generated data set.
I’m a big fan of working from known capabilities and regulatory frameworks and expanding from that. What I mean by that is building out a global privacy program where we look at the privacy regulations that are on the books today, then use that as a framework as we go into uncharted territory. From an organizational standpoint, you need to incorporate AI with good controls in place so that in the future you can explain to regulators what you’re doing and how it does or doesn’t match up to their regulatory structure.
All of that is less about looking at what the regulation is saying externally, but first and foremost, looking internally at what you’re doing with your data practices. When you’re introducing AI, it’s really just another data tool – albeit with an unexpected and impactful output.
What’s your experience been like as a member of TechGC?
I joined during a time where companies still weren’t having in-person events, so I leveraged the remote events a lot, which I still think are fantastic. I’m a big believer in the power of networks. The conversations that you have with people are some of the most important groundings to future work, whether it’s in-house as a role or the next big project you’re gonna be working on.
As far as the in-person events, I was very fortunate to be able to speak at one of the first in-person conferences in New York with TechGC right after the pandemic. I found it incredibly invigorating, and would encourage anyone to get involved, especially if they’re newer in their career. It’s a great place to test out and learn what your comfort level is with public speaking and sharing their expertise with the larger community.
It’s a very welcoming community, and I’ve found that having a place to truly connect with peers and share our expertise is one of the most powerful aspects of being part of TechGC.
Do you want access to the best resources and network for building your legal career and tackling the unique challenges of being a GC? Apply for membership at TechGC today.
Ken is an accomplished legal professional with over 20 years of experience in the fields of privacy, global partnerships, and product counseling. During his tenure as the Director of Privacy at Atlassian, he demonstrated his expertise by successfully incorporating privacy-by-design principles into the development of products. Additionally, Ken played a pivotal role in conducting privacy impact assessments and spearheaded the development of a comprehensive Global Privacy Program while leading a talented team.
Before his time at Atlassian, Ken served as the Global Director of Legal at Box, where he showcased his exceptional negotiation skills by leading strategic partnerships, including cloud service agreements with renowned companies like Google and IBM. Notably, he also held the position of General Counsel at Grindr, a highly successful mobile dating application.
Throughout his career, Ken has been involved in several significant milestones, such as being part of the acquisition of Silver Spring Networks by Itron for $830 million in 2018. Furthermore, he played a vital role in Grindr’s acquisition by the Chinese tech firm Beijing Kunlun Tech Co Ltd for $93 million in 2016. Additionally, in 2000, Ken contributed to the successful launch of MeVC as a publicly traded company on the New York Stock Exchange, marking it as the pioneering publicly traded venture capital fund through a partnership with venture capital firm Draper Fisher Jurvetson
Ken’s expertise has also been sought after in academic circles, where he has served as a guest lecturer at esteemed institutions such as Tulane Law School and UC Berkeley School of Law. He is an active member of the International Association of Privacy Professionals (IAPP) and TechGC, showcasing his commitment to staying at the forefront of legal and privacy matters.
Ken holds degrees from Tufts University and Tulane University Law School and is a member of the California Bar.