Davison Paull – Dashlane

There are an estimated 3.5 billion people logging on to the internet globally. Of those users, perhaps 60 million use some kind of digital storage for their passwords, likely by saving them at sites they visit or through a browser like Google Chrome. It’s a convenient method, until there’s a hack.

Yet who can blame them? Passwords are a pain; so many characters needed in a mix that includes letters, numbers and symbols. So often they need to be changed and remembered yet again, and everyone knows using only one password everywhere is an invitation to identity theft.

Few people are more familiar with this conundrum than Davison Paull.

“It’s an open secret that the web is much less secure than you’d want it to be and passwords are particularly vulnerable,” says the general counsel for Dashlane, which provides a platform for password management. “The Dashlane vision is to bring control of people’s digital identities back to them and to make the experience of navigating the internet, which is supposed to be convenient, actually convenient. It starts with passwords, but doesn’t end there.”

Getting onboard

Dashlane’s platforms start with a no-cost product allowing customers to store and manage credentials for up to 50 sites. For monthly fees of $4.99 or $9.99 (charged annually) customers can build in layers of protection that include dark web monitoring, credit monitoring and identity theft insurance. The platform also provides a password generator and autofill capabilities that automatically populate credentials, addresses, and other information in online forms.

“We are asking a lot of customers, to please trust us,” Paull says, noting that Dashlane does not even know the passwords any customer uses to access services because of how they are stored.

“We don’t have it, we don’t want it, and we can’t get it” Paull says. “All the data you’re using is encrypted with a key generated from your Dashlane password. There is no master key.”

It’s not just consumers who face high stakes in the event of a breach or unsafe data practices. With Dashlane products available globally, Paull says the company needs to comply with rapidly evolving privacy laws, including Europe’s strict General Data Protection Regulation that could cost a company a portion of its earnings for infractions.

There’s also the California Consumer Privacy Act, which goes into effect in 2020. Like the GDPR, it regulates consumer data collection and use by third parties, and has required Dashlane to once again review databases and information practices. Paull will also guide how Dashlane will accommodate customers who live outside the EU or California but want the same legal protections. He expects Dashlane will extend these new rights no matter where its customers reside.

As the first Dashlane general counsel, Paull says it was also up to him to enhance the corporate structure of the company, though much of the groundwork had been done by the founding executives.

“I’m trying to protect us and do things smartly,” he says. “As we climb up the business ladder, I am going to have to negotiate more complex agreements as opposed to just relying on our standard terms. For now, I am a team of one, so it is very important for our staff to understand the basics of the contracts and why we take the positions we do.”

Not without competition

Founded in France in 2009 and expanding to the U.S. in 2011 and 2013, Dashlane has quickly grown. It recently completed a round of Series D funding, securing $110 million in new capital, largely from Sequoia Capital; and since Paull joined the company in 2018, the number of employees has grown from 150 to 250, a number he expects to double in the next two years.

Still, Dashlane isn’t alone in this burgeoning area. “The industry as a whole is at an inflection point,” Paull says. “The challenges for us are we’re deeply capitalized and have to stay ahead of curve with the experience we have,” he says. “We are not a startup anymore, we have to operationalize things that used to be done off-the-cuff.”

As Dashlane’s services face added competition, Paull says it will continue simplifying its customer interfaces while strengthening its data security even more.

“On the surface it seems simple,” he explains. “Here is a digital bag you keep your passwords in. But there is an awful lot happening behind the scenes, and God knows how many websites there are out there.” Those sites include rogue ones built by hackers to mimic sites such as those operated by large banks, waiting for an unwary user to provide credentials that can be stolen.

Playing in the band

A native of the South Shore of Massachusetts near its border with Rhode Island, Paull, 50, is married, has two daughters and has lived in New York City since graduating from the University of Massachusetts at Amherst with an English degree in 1989.

Despite being a third-generation attorney, Paull’s decision to attend law school came years later, after he had spent more than a decade in the entertainment industry, with stints at Miramax films, New Video Group and as a freelance copywriter. He earned his Juris Doctor from New York University in 2006.

“I got into law really to have a job like this, to forge my own path in business,” he says.

Earlier in his New York days, Paull was also part of its music scene, a guitarist, singer and songwriter in bands playing country, folk, rock and blues.

The music has never quite stopped for Paull; the in-house Dashlane counsel was also part of an in-house Dashlane band that entertained during the company’s 10th anniversary retreat in France last year, although he says no one has quite decided on a name for the group.

In-house picking may be secondary to in-house legal counseling, but Paull says both are rewarding.

“You are much more enmeshed in the life of the company; that is a big draw for me,” he says.