What Lawyers Should Know About Data Privacy