TrustArc Blog

Privacy in Practice Spotlight: Rachel Glasser

February 20, 2015

TRUSTe’s mission is to power privacy compliance and trust, but we are not alone. This mission takes a highly dedicated expert village. Which is why we work closely with professionals at organizations around the world to jointly solve emerging privacy challenges.

Earlier this year, privacy expert Rachel Glasser was appointed as the Director of Privacy and Partner Activation at GroupM, the largest media investment company in the world. Glasser’s hire highlights the growing focus companies have toward data privacy management.

TRUSTe interviewed Glasser about her role at GroupM, emerging privacy threats and what she thinks most people would find surprising about data privacy.

TRUSTe: Tell us about your role at GroupM.

Rachel: As the Director of Digital Privacy and Partner Activation at GroupM my role is to work with clients to help them understand the complex and dynamic marketplace of privacy. I’m always available to provide guidance to our internal teams in order for them to stay current on hot button privacy issues, industry standards and changes, and to help ensure our clients are well protected when we are introduced to new products and technological developments.

 

T: What are your thoughts on the agency’s role in the privacy conversation with brand clients?

R: I strongly believe it is important for the agency to be able to help aid the client in conversations surrounding privacy. Naturally, different clients will have different needs based on the nature of their business. However, it is the role of the agency to understand how their partners and vendors work, how those partners can help advance a client’s campaign strategy in a privacy compliant way, and what exactly it means to be privacy complaint. Particularly for OBA purposes, but also for other uses as well such as COPPA compliance and other specifically regulated areas.

 

T: How do you see growth of the privacy role at agencies?

R: As technology becomes more advanced and as more platforms migrate to digital formats, such as TV, we will see more in the way of privacy implications. And as this happens, we will see an increase in new technology partners who can execute on these new formats enter the marketplace. I suspect the industry trade groups will issue guidance on safe and responsible uses of these new platforms in a privacy compliant way. It will be key for agencies to remain up-to-date on these advances, and what it means for digital marketing and their clients. It will also be key to educate consumers on responsible data use practices.

 

T: What specific type of privacy problems do you think your industry will be dealing with in the future?

R: I see new expectations coming to the forefront of what the industry will be dealing with in the future. What may have been “creepy” 10 years ago is no longer “creepy” now. A good example may be how reluctant people once were to give out their cell phone number or email address years ago. And now, it’s almost expected that one would share that information. Brands are connecting with consumers in entirely new ways that bring privacy into the equation. Cross device targeting and attribution, connected TVs, connected cars – the Internet of Things — these new formats all lead us to raise new questions about privacy. Do we want advertisers to know when we are in a particular location? Or that we may drive too fast? Do we want them to know we are using a tablet versus a smartphone? And what information from those devices is necessary to the advertiser to collect? It is also important to recognize some of the benefits that come with sharing information. However, there is a balance that needs to be struck between how much and what information we are comfortable sharing, versus how much benefit the consumer receives from that sharing.

 

T: What are your top three privacy tips (in general) for companies?

R: My top three privacy tips are:

1)     Educate your clients and your employees on best privacy practices and what they mean.

2)     Be transparent with consumers about your privacy practices, what data you collect, why you collect it and how you use it.

3)     Allow consumers choice in whether they want you to collect and use their data – and honor that choice.

The more you practice what you preach, and the more you are open and clear with consumers, the more likely they may be to share.

 

T: What type of privacy concerns do your clients come to you with?

R: Clients often come to me with questions about compliance with the self-regulatory programs. They often ask how they can participate, or what they need to do to be in compliance with self-regulatory programs. I also get questions asking to evaluate current campaigns to see what regulations need to be adhered to for specific initiatives. It can really run a spectrum of topics.

 

T: Tell us about the importance of vendor management in privacy.

R: It is extremely important to understand vendor capabilities and how their technology works. It is important to assess the different vendors’ privacy practices, and to make sure their policies are aligned with actual practice. We need to ensure that vendors are accurately representing themselves to our internal teams. It is also important for us to work closely with vendors so that we can dispel any inaccurate perceptions regarding their practices.

 

T: What do you think most people would be surprised to know about data privacy?

R: I think most people would be surprised to know that data used for advertising purposes is not the same as security breaches at retail stores. When consumers hear about a data privacy or a data security breach, they immediately think of identity theft. They do not distinguish between personal and non-personal data. It is the more personal data that is tied up in security breaches that may lead to theft of identity if improperly handled. Conversely, it is the non-personal data we use in advertising, and it is relatively benign. The anonymous data consumers share with advertisers supports the free web, and provides the free content users have access to. Users need to understand the differences between first and third parties and how the different parties may use data. Of course, it should all be left to user choice as to whether they want to share that data, but it is also very important for users to understand the difference.

I also think people would also be surprised to learn of how much they give up when they register on a particular website or voluntarily share their personal information. It is important to always read the disclosures, privacy policies, and terms of service so you understand what you are sharing and how your information will be used. There was an example where someplace in the UK was offering free WiFi if you agreed to terms of service. What users did not realize is that listed in the terms of service was an agreement to give up their first born child to the WiFi provider. Of course this was all in jest, but it demonstrates the point that users do not fully read what they are binding themselves to when they click “ok.”