Security Expert Interview Series: Jutta Löwe
We are thrilled to announce our next interview where we spoke with Jutta Löwe. Jutta is a Data Protection Officer based in Germany. In this interview, she shared her professional background with us, then answered our questions around the dangerous threats to the security of personal data on the Internet today, the trends she foresees happening in data protection, and others. Continue reading the full interview below and see what other topics Jutta Löwe touched upon.
1. Firstly, thank you very much for taking part in this campaign, Jutta. Can you tell us about your professional background and areas of interest?
Thank you for having me. It is a pleasure to share my experience and thoughts and be part of this amazing group of people. I studied Law and jumped into IT and Media Law already at university. Finally, I have more than 20 years of professional experience, in-house, at university, and as an external Lawyer, specialized in IT and Data Protection Law. I like to develop and build up new things, departments, products, teams.
I am always keen to find holistic solutions and passionate about digitalization. The ongoing digitalization brings more and more areas to my domain of expertise which is amazing. With this focus, you are always part of supporting transformation and designing the future. In IT law you need to closely collaborate with other professions which I always find very inspiring and just fun.
2. You are currently holding the position of Group Data Protection Officer. Is there a typical workday for a data protection officer and more specifically, what are some of your primary concerns on a daily basis?
Luckily not too typical. ???? But for sure we do have recurring to-dos, and we will continuously automate as much as possible. In addition to my role as the head of an international data protection department, a major part of my work is supporting all departments in privacy-related matters. Thus, I and my team work together with colleagues from Information Security, IT, and Indirect Sourcing to discuss the scope and details of relationships with external providers. We have to be involved in nearly every project. An important part of my work is to translate or kind of it. From law to IT to business and back.
3. Would you say that you have had any barriers during your career and success as a female leader?
There was one situation where I could directly correlate a rejection to my gender or my role as a young mother. But generally, it was obvious that the career steps of male colleagues were bigger. First, I thought it was just my bad luck or the others who did perform even better or similar things.
Anyway, the figures speak a clear language. It is a fact that women do have barriers – to keep it more diverse: not only women but people who combine (or are assumed to combine) care, family, and work in a modern emancipated way. When I talk to other leaders about young talents, they, not only men, think that young female talents might not want to take further steps directly when they are engaged with someone or even married. It is always: “She certainly will get pregnant in the near future; thus, she might not want this challenge.” But they do not ask the person directly. We all unconsciously carry prejudices and outdated role models with us. Companies must better integrate the lives and different career paths of their employees in a holistic way.
There are networks of men, rather informal, in which women are excluded. Of course, there are also women’s networks, and I meanwhile understand the need, but we must develop a common network culture. No one should be excluded. It is proven with studies that it will pay off.
4. What are the most dangerous threats to the security of personal data on the Internet today, and how can we protect ourselves from them?
You know, it´s the user who is the most critical part. Most incidents are due to a lack of awareness of the user. People like to share their lives with others and don´t think about the possible consequences. Companies can use the best security tools and technical measures, but users can destroy all this effort in a minute. Monthly Password changes might not lead to more security but to sticky notes next to the screen if the user doesn´t understand the background for secure passwords.
5. What trends do you foresee happening in the data protection landscape during the rest of 2021?
One trend will relate to international data transfer. The enforcement actions are increasing and putting more pressure on the big tech companies like Facebook, Google and the like.
The Schrems II case consequences and the recently published new Standard Contractual Clauses will further push on compliance efforts for international data transfer. On the one hand, the authorities did start investigations by sending questionnaires around, and some nonprofit organizations the push enforcement from their end as well. Legal Tech companies are also developing business models around it.
If you look abroad the privacy landscape is enhancing. The US is discussing a federal privacy law and many other countries are developing privacy laws that include similar principles like the GDPR. If not already done global companies have to build a global privacy strategy and should prepare for possible enforcement.
6. What do you think organisations should be doing more to encourage more women to consider a career in data protection and information security?
It is the same as for other positions. Create an open and trustworthy inclusive working culture that is open to everybody. Women more often don´t ask proactively for new challenges. Companies could do development programs to improve leadership skills within the management for enhancing empowerment in all areas. Don´t expect the same leader and same type of manager just in the female version. Diversity requires courage for change, it´s not always easy but worth it.
I don´t like it, but unfortunately, still most women do the care work at home and take a step back for the kids. For more diversity within companies, we should not only push women to take the opportunities we also need to support families and improve work-life balance for everybody. I really like the #HeforShe initiative of the United Nations. We cannot change the world with only 50 % of the people. We need each gender and in business, especially the support of the men.
Companies should improve flexibility at work, even in management positions. It´s not about the time I spend at work it´s about the engagement and added value. It is also the society that needs to change and think more diverse and inclusive. It has to start at kindergarten. We need to constantly uncover unconscious bias.
7. Where do you go for inspiration or resources that you use in your own development?
I enjoy the exchange with other professionals in several networks, about privacy topics but also regarding personal development. From time to time I take coaching lessons which help to reflect. I think it is crucial to take time to relax, well-being is still underestimated, especially within the legal branch.
8. Lastly, if you could give your 25-year-old self just one piece of career advice, what would it be?
What a good question. At that age, I was in my last phase of law study at university. Hard times. The advice would have been: “yes, you can! Trust in yourself”
Click here to learn more about the Swiss Cyber Institute’s approach towards improving the digital safety and security of society and economy through education and weekly blog posts. Do you think you are a good fit to participate in our Security Expert Interview Series? Reach out to us for more information.