To commemorate F-Secure’s 30th year of innovation, we’re profiling 30 of our fellows from our more than 25 offices around the globe.
Overcoming obstacles is a full time occupation for Hannes Saarinen, Data Protection Officer at F-Secure.
Hannes describes himself as “effectively being a wholly F-Secure bred lawyer”, and “a living example of that prior tech knowledge is not mandatory for working here. Willingness to learn is, however.”
“My job is to make sure that F-Secure lives up to its privacy promises while having the data necessary to protect our customers from today’s threats. They’re much more advanced today,” says the Finnish legal expert.
One of his first forays into traditional privacy activities started when a manager at F-Secure Labs had commented that they “should probably mention something to customers.”
“It was about F-Secure software sending information from our customer devices for improved malicious behavior analysis. Those were the first steps in our practice of being transparent regarding the kind of data that we collect,” Hannes comments. “It wasn’t about compliance back then, it was just viewed as the right thing to do. Spyware and viruses weren’t transparent.”
Compliance-wise, he spent most of his waking hours last year with other key team members on the firm’s GDPR project, establishing how to exactly interpret it.
He likes rolling up his sleeves together with F-Secure’s developers, and feels privileged in his work.
Moreover, keeping pace with the constant evolution of privacy threats and practices is one of his areas of responsibility. He needs to do this in order to provide savvy advice.
“From there, I’ll start discussing, cajoling, threatening, or just holding back my co-fellows on how to keep F-Secure’s products both cutting edge and compliant,” he explains.
“We’ve developed a strong privacy culture over the years. So it’s not compliance and fear of fines that power my work, but my co-fellows thinking “if I were our customer…” too.”
Hannes is not one sit behind a desk and ponder how the gavel falls either.
“As a personal approach, a Data Protection Officer (DPO) cannot take an overtly Luddite approach to new innovations. Dipping into the deep end from time to time is also mandatory,” says Hannes. “And it’s easy for a lawyer when you have precedents or laws specifically tailored to what you are doing. In the absence of those, one simply needs to separate the essential from the background noise, ask stupid questions, and dare to establish a way forward.”
2017 saw him shift responsibilities. This suits his philosophy of taking an agile approach to things, both at work and at leisure.
“I’d done almost everything there is to do in the legal department by then. I transitioned off to F-Secure’s security organization. Now I work with privacy full-time,” he comments.
And when not solving intellectual puzzles, F-Secure’s Data Protection Officer can be found on his way up or atop large rocks.
“Bouldering is a sport where you wander around the woods, look for big rocks, and then try to climb on top of them via the hardest possible route. Repeated falling onto a landing pad, trying again anew – and often with bandaged fingers – teaches you our particular brand of Finnish persistence. We call this ‘sisu’,” concludes Hannes.
Check out our open positions if you want to join Hannes and the hundreds of other great fellows fighting to keep internet users safe from online threats.