TrustArc Blog

Meet the Leading Players in the Privacy Ecosystem: J. Trevor Hughes, President & CEO, International Association of Privacy Professionals

September 09, 2015

JTrevorHughes

Over a hundred organizations are responsible for shaping the future of data privacy. In this series we profile some of the organizations that are helping to shape the massive privacy ecosystem through the eyes of the professionals that work there and learn more about their perspectives on privacy.  

 

What is the IAPP’s role in the privacy ecosystem?

As the world’s largest privacy organization, our role in the privacy field is to help practitioners build and develop their careers. The IAPP works to define, support and improve the privacy profession globally while providing a forum for all those who touch data in their work to share best practices and advance privacy management. The IAPP is the place where privacy pros can find the people, tools and information management practices they need to excel in the field.

 

What key goals/issues is the IAPP focused on tackling?

With an ever-increasing amount of data being created and amassed both online and offline, and bringing with it ever-increasing privacy challenges, the IAPP is committed to growing and improving the quality of our education and training offerings—from our publications and web conferences to our on-the-ground trainings and information sessions at our events. For example, with the EU General Data Protection Regulation on the horizon, and predicted to have implications far beyond the EU’s borders, we’re focused on ensuring we’ll have the information, resources and training opportunities our members need available to them as this new era in privacy law comes into effect.

 

How has the IAPP’s focus changed over the years to address evolving technologies or challenges?

Since our founding in 2000, our mission has remained evergreen: to define, support and improve the privacy profession globally. And this mission has become more essential as our profession grows and we see previously unimagined technologies becoming commonplace just 15 years out. As new technologies emerge, the IAPP continues to gather resources, conduct and collaborate on new research and build education and training opportunities to provide privacy pros with the tools they need to understand and address those challenges.

Read more “Meet the Leading Players in the Privacy Ecosystem: J. Trevor Hughes, President & CEO, International Association of Privacy Professionals”

End of Month Recap: What You May Have Missed [August]

August 31, 2015

At the end of each month we’ll compile a list featuring some of the most informative and interesting privacy blog posts to let you know what topics are driving the privacy agenda this month. This month on the blog we covered data breaches, ‘Right to be Forgotten,’ and the new IoT Trust Framework, among other topics. This was the second month of our new series featuring the leading players in the Privacy Ecosystem. Check out the list below for some of the most popular blog posts this month:   New IoT Trust Framework Addresses Privacy Risks & Guidelines On Aug. … Continue reading End of Month Recap: What You May Have Missed [August]

Meet the Leading Players in the Privacy Ecosystem: Gabe Totino, President & CTO, AssertID

August 19, 2015

gabe_blog

Over a hundred organizations are responsible for shaping the future of data privacy. In this new series we’ll profile some of the organizations that are helping to shape the massive privacy ecosystem through the eyes of the professionals that work there and learn more about their perspectives on privacy. 

What is your organization’s role in the privacy ecosystem?

AssertID provides a web-based self-serve consent platform for consumers, educators and businesses. The platform coordinates the consent process ensuring compliance with regulations such as COPPA and FERPA. It promotes transparency between the parties and encourages the use of best-practices so that businesses can act responsibly and consumers can have a degree of control in their online privacy.

 

What key goals/issues is your organization focused on tackling?

Consumers need to trust that their privacy is not being undermined when online. Businesses need to know that they can get access to information that is integral to providing their service. Our goal at AssertID is to create an effective communication & control channel between the consumer and the provider so that the consumer becomes engaged in privacy matters, and the provider has an opportunity to earn the consumer’s trust and business. We are currently concentrating on facilitating compliance with the COPPA and FERPA laws and engaging parents and educators with the goal of protecting children’s online privacy. This provides us with a good starting point to raise awareness about online privacy and get consumers to become more involved in protecting their privacy while online.

 

How have your organization’s goals/focus changed over the years to address evolving technologies or challenges?

Our focus has not changed considerably over the years. The goal remains the same – to be a catalyst in a movement where businesses become more responsible and open about their practices and consumers become more savvy about their privacy. To that end, we continue to keep abreast of new challenges that businesses face with compliance and continuously evolve the platform to remove any roadblocks they might present.

Read more “Meet the Leading Players in the Privacy Ecosystem: Gabe Totino, President & CTO, AssertID”

Meet the Leading Players in the Privacy Ecosystem: Daniel J. Solove, Founder, TeachPrivacy

August 12, 2015

Over a hundred organizations are responsible for shaping the future of data privacy. In this new series we’ll profile some of the organizations that are helping to shape the massive privacy ecosystem through the eyes of the professionals that work there and learn more about their perspectives on privacy.

What is your organization’s role in the privacy ecosystem?

TeachPrivacy provides computer-based privacy training and information security awareness training to organizations in a wide array of industries. TeachPrivacy has FERPA training for schools, HIPAA training for healthcare providers and business associates, PCI training for merchants and others handling payment card data, and much more.

What key goals/issues is your organization focused on tackling?

Our goal is to provide training that really makes a difference. Training is one of the most important things an organization can do to mitigate the risk of having a data breach or a privacy incident. I founded TeachPrivacy because I thought that there was a better way to train employees about these issues – to really educate them, to show them why they should care.

My goal is to apply good teaching techniques to training. I learned a lot in teaching as a professor and in speaking to audiences of all types. I aim to create training that is engaging, concrete, vivid, and memorable.

How have your organization’s goals/focus changed over the years to address evolving technologies or challenges?

Our goals have remained stable – we are an education company. Our primary goal is to help organizations educate their workforce about privacy and data security. We want to make the best training we can create.
In the training I develop, I strive to use the techniques that work the best – using stories, interactivity, vivid imagery, varied styles and approaches, immersive experiences, activities, genuine passion, and memorable explanations. There is a timeless quality to these techniques. They have worked for thousands of years.

Looking ahead – what are the most important data privacy issues/concerns you think need to be addressed by the industry and/or government legislation?

It would take many books to answer this question. But one overarching point that I think is essential: The best legislation includes governance provisions – it requires a privacy and security officer, privacy and security programs, routine risk assessments, training, policies and procedures, etc. And there must be good enforcement. Laws without such provisions are often poorly followed.

Read more “Meet the Leading Players in the Privacy Ecosystem: Daniel J. Solove, Founder, TeachPrivacy”

Meet the Leading Players in the Privacy Ecosystem: Lou Mastria, Digital Advertising Alliance

July 22, 2015

Over a hundred organizations are responsible for shaping the future of data privacy. In this new series we’ll profile some of the organizations that are helping to shape the massive privacy ecosystem through the eyes of the professionals that work there and learn more about their perspectives on privacy. 

Lou_blog

What is your organization’s role in the privacy ecosystem?

The Digital Advertising Alliance was created to give consumers better information and control over the use of data for interest-based advertising. The DAA sets and enforces standards for the advertising ecosystem through our Self-Regulatory Principles for Interest Based Advertising, and we give consumers simple access to information about and control over data collection use for interest-based ads through the blue “Your Ad Choices” icon on ads, sites and increasingly apps.

By doing so, we provide a robust self-regulatory regime that strengthens the ad-supported digital ecosystem and helps drive innovations in the delivery of online and mobile content and services. Originally founded by six trade associations in the United States, DAA has expanded through parallel sister organizations to 34 nations in 26 languages.

The DAA icon, in particular, provides an intuitive and ubiquitous ad marker and links that supplement privacy policies. From this icon, consumers are given enhanced notice and reliable access to choice controls.

The DAA Icon is now served globally more than 1 trillion times per month, and the DAA choice pages receive an average of 10 million unique visitors per year. TRUSTe is one of two “approved providers” of DAA programs in the U.S. – providing a turnkey solution for brands, agencies, publishers and ad tech firms to consider for DAA Principles implementation.

 

What key goals/issues is your organization focused on tackling?

Our goal is a consistent user experience – no matter what screen the consumer may be using. We are working to create that consistent framework on devices (DAA’s Consumer Choice Page, Consumer Choice Page for Mobile Web, and AppChoices for cross-app data collection choice) so we can continue to build trustworthy experiences for consumers and companies to rely on with regard to online data collection and advertising.

 

How have your organization’s goals/focus changed over the years to address evolving technologies or challenges?

The DAA constantly monitors changes in technology, consumer attitudes and behavior, and advertising ecosystem practices to ensure our program adapts to those shifts in a technology-neutral manner.

For example, we recently issued mobile guidance to show marketers how to apply DAA Principles for interest-based advertising and multi-site data (including cross-app) collection in the mobile environment. The guidance served to identify responsibilities of both first parties and third parties for enhanced notice and control, addressing specific data categories such as cross-app data, and providing a higher level of consent with regard to precise location data and personal directory data. These responsibilities will be enforced by our two U.S. enforcement partners – Council of Better Business Bureau’s Advertising Self-Regulation Council and Direct Marketing Association – beginning September 1, 2015. Both CBBB and DMA are independent enforcers of these precepts in the marketplace.

Another example is the video area, where DAA is close to announcing ad marker specifications for video interest-based ads.

  Read more “Meet the Leading Players in the Privacy Ecosystem: Lou Mastria, Digital Advertising Alliance”

Meet the Leading Players in the Privacy Ecosystem: Jules Polonetsky, Future of Privacy Forum

July 15, 2015

Over a hundred organizations are responsible for shaping the future of data privacy. In this new series we’ll profile some of the organizations that are helping to shape the massive privacy ecosystem through the eyes of the professionals that work there and learn more about their perspectives on privacy.

Jules Blog

What is your organization’s role in the privacy ecosystem?

The Future of Privacy Forum (FPF) is supported by the privacy leaders of more than 100 companies, as well as a number of leading foundations. Our mission is to advance responsible data practices. FPF focuses on new technologies or new data uses where there are benefits to consumers and society. We seek to support the development of new technology by ensuring that privacy risks and concerns are addressed. We do this by publishing law review articles, writing white papers, developing best practices or codes of conduct, or by convening industry, advocates and policymakers to think through challenging issues.

 

What key goals/issues is your organization focused on tackling?

FPF is working on a range of big data and internet of things related issues, including benefit/risk analysis, sensitive data, de-identification and data use for good. We have published or helped develop best practices or codes for student data, location data, connected cars, beacons, ad tech and wearables. In each of these areas, we seek to be a centrist privacy voice, supporting innovation but ready to take seriously the concerns of consumers, advocates and policymakers.

 

How has your organization’s focus changed over the years to address evolving technologies or challenges?

When FPF launched, our time was dominated by online advertising and marketing issues. Over the past 8 years, data and technology have permeated every sector of business and every segment of consumer life. The agenda today is about smart cars, smart cities, always on technologies, drones, facial recognition and more. But at the end of the day, the basic concepts are the same: who is tracking, why are they tracking, what controls exist to stop either collection or use?

Looking ahead – what are the most important data privacy issues/concerns you think need to be addressed by the industry and/or government legislation?

The privacy debate is moving away from issues of notice and choice to concerns about fairness and discrimination and civil rights. Critics worry about product testing that can be considered “human subject research” and the debate is often about the ethics of data use. It’s no surprise that FPF has a philosopher joining us next year to work on social media tracking and other issues.

Read more “Meet the Leading Players in the Privacy Ecosystem: Jules Polonetsky, Future of Privacy Forum”

Subscribe to Blog