Over a hundred organizations are responsible for shaping the future of data privacy. In this series we profile some of the organizations that are helping to shape the massive privacy ecosystem through the eyes of the professionals that work there and learn more about their perspectives on privacy.
What is the IAPP’s role in the privacy ecosystem?
As the world’s largest privacy organization, our role in the privacy field is to help practitioners build and develop their careers. The IAPP works to define, support and improve the privacy profession globally while providing a forum for all those who touch data in their work to share best practices and advance privacy management. The IAPP is the place where privacy pros can find the people, tools and information management practices they need to excel in the field.
What key goals/issues is the IAPP focused on tackling?
With an ever-increasing amount of data being created and amassed both online and offline, and bringing with it ever-increasing privacy challenges, the IAPP is committed to growing and improving the quality of our education and training offerings—from our publications and web conferences to our on-the-ground trainings and information sessions at our events. For example, with the EU General Data Protection Regulation on the horizon, and predicted to have implications far beyond the EU’s borders, we’re focused on ensuring we’ll have the information, resources and training opportunities our members need available to them as this new era in privacy law comes into effect.
How has the IAPP’s focus changed over the years to address evolving technologies or challenges?
Since our founding in 2000, our mission has remained evergreen: to define, support and improve the privacy profession globally. And this mission has become more essential as our profession grows and we see previously unimagined technologies becoming commonplace just 15 years out. As new technologies emerge, the IAPP continues to gather resources, conduct and collaborate on new research and build education and training opportunities to provide privacy pros with the tools they need to understand and address those challenges.
How do you think the Privacy Ecosystem will/needs to evolve over the next 3-5 years to be fit for purpose?
Cybersecurity. Data breaches. The Internet of Things. Big data and its role in research and advertising. New and evolving technologies—and new and evolving regulations. These are just a few of the privacy subjects making headlines daily and giving us a window into what we can expect in the next three to five years. Improved conversation around these topics, better communication between privacy pros and technology pros. How often have we heard we need to find a common language? Awareness of developing privacy rules and enforcement actions across the globe and increased connections between privacy and security teams will undoubtedly be areas of evolution in the Privacy Ecosystem.
Tell us about your role at IAPP.
As president and CEO, I lead the IAPP’s strategy and supervise its business and affairs. When the IAPP was founded in 2000, it was a tiny organization focused on what was then a just-emerging profession. Since then, we’ve grown to about 24,000 members and more than 90 employees, offering multiple certifications, education and training opportunities, creating the IAPP Research Center and providing a range of publications and regional and international events, including the world’s largest privacy conference, the IAPP Global Privacy Summit.
How did you start working in the privacy field and why do you enjoy it?
For six years I was in-house counsel at a large insurance company where I had responsibility for some of the earliest e-commerce implementations at that company, which included privacy issues. From there, I became the director of privacy at a dotcom; it just kept rolling from there, and in 2000, the IAPP was born.
I’ve always enjoyed the changing nature of the privacy field. With new technologies come new challenges, concerns and opportunities. I also particularly appreciate the hybridized nature of the privacy profession. Privacy professionals need to understand law but also need to understand technology, business practices and consumers’ concerns and expectations.
What do you wish more [people, business, etc.] knew about privacy?
For a long time, I pursued the perfect framework, law, or answer to the challenges of privacy. Over time, I’ve come to realize that privacy is a perpetual truth of humanity. As a result, we can never “solve” privacy. We have to expect privacy will be changed by shifts in technology, use of data and in social norms. My hope is businesses and individuals will embrace privacy in this construction, as not having a single-point solution but as ongoing, shape-shifting and requiring deep analysis.