James Casey – Akamai Technologies

Mr. Rogers, Mr. Ed and Mr. Magoo are household names, but what about Mr. Framework?

While he’s not a lovable children’s TV host, a talking horse or a bumbling cartoon character, James Casey’s role is just as important to the continued success of Akamai Technologies. As the company’s chief privacy officer, Casey believes strong compliance and an ethical framework are at the core of the business.

James Casey | Chief Privacy Officer | Akamai Technologies

At Akamai, a technology firm that handles internet transactions through a network of over 300,000 servers, the mission is to make digital experiences fast, intelligent and secure, Casey says. Part of his role is to support that mission while ensuring that the company abides by necessary privacy and security principles when providing its services to some of the biggest content providers on the internet.

“I cannot turn our 8,000 plus-person workforce into lawyers, but I can give them a few key legal principles to follow,” he tells Vanguard from his home office in Virginia. “I can turn them into privacy people. That’s the only way to do it.”

Keeping things private and in compliance

When it comes to cybersecurity, data privacy and compliance, Casey says trust is everything. Trust between the company’s leaders and its employees, trust between Akamai and its vendors, and trust between the company and its customers.

“My team’s mantra states, ‘If you can’t protect it, don’t collect it,’” he says.

The privacy laws that govern businesses like Akamai are often written as broadly as possible, Casey says, so getting employees to better understand how the laws and principles apply to Akamai—and how the company’s legal team can be an asset—is a big part of his job. For example, building privacy controls into products from the beginning, called privacy by design, is an important component in many privacy laws, he says.

Akamai has taken privacy by design and worked it into its product development, Casey says. A new product does not get launched without first passing through a privacy impact assessment stage, where the product team and the privacy team work together, to ensure that the product complies with privacy laws.

“It’s crucial that in-house lawyers are seen as facilitators rather than barriers to the company’s mission,” he says.

“Occasionally we have to say no, but because we are trusted to facilitate the company’s goals, people listen,” Casey says.

Ensuring protection and security

A big part of keeping personal data and other information private is cybersecurity, and monitoring Akamai’s digital channels for bad actors has kept the company especially busy during the COVID-19 pandemic.

According to Casey, there’s been a dramatic increase in phishing attempts via email, and there’s been a bump in voice phishing attacks, where people are pretending to be someone else to gain access to information. In response, he says Akamai’s Enhanced Threat Protector product has really taken off.

“Our team has realized the approach to training has needed to change. So maybe the COVID-19 situation provides an opportunity to make that happen,” Casey says. “We used to be able to sit down with people for an hour and tell them what to do. Training needs to be more about awareness and not listening sessions.”

With a global workforce of more than 8,000, awareness campaigns and reminder emails, short videos and occasional conference calls are replacing the traditional training methods of years past. Akamai isn’t likely going back to the same level of in-person work, and employees can have training fatigue, Casey says. He hopes the new ideas alleviate any training concerns.

“There’s a lot of day-to-day things we can do as a company and as individual employees that make it harder for the bad actors,” he says. These methods include talking about the kinds of risks being seen and giving people tools to recognize threats.

Finding the right market

Casey grew up enjoying science, and says he first thought he’d work as a scientist or an engineer. During his early years at Cornell, he realized that an engineering career wasn’t for him, so he switched his major to history with a focus on Medieval Japan and Icelandic literature.

“I was one of the first in my family to go to college, but there wasn’t a big job market for me in my chosen major. I ended up working as a paralegal and realized I had a specific skill set, so I went to law school,” he says. He earned his law degree at the Cornell Law School.

Casey spent his first professional year as an associate for Fletcher, Heald & Hildreth, followed by five years at Morrison & Foerster. Then, after one year at Greenberg Traurig, he made the move in-house at Neustar, a tech company that provides services and analytics to industries including entertainment, marketing, defense and telecommunications.

He spent nearly 14 years at the Virginia-based company, first as director, policy and business development, then senior director, law and commercial services. He was the associate general counsel for two years until he left Neustar in October 2014.

Casey came to Akamai as a product and technology lawyer in October 2014. As the need for focused privacy compliance work increased, he was moved to the associate general counsel and chief data protection officer role. He was named chief privacy officer in December 2019.

“Being an in-house attorney was never a goal, but now that I’ve done it for more than 20 years, I know it just fits me the right way,” Casey says. “You might say it provides me the right framework to succeed.”