Posted in April 2013

Privacy on the Ground

The Modern Privacy Function: Balancing Strategy with the Operational

Our previous posts reported some initial conclusions from almost one hundred interviews of leading corporate privacy officers, regulators and other privacy professionals in five countries. The second post explored one surprising finding—that the two countries in which privacy officers were most empowered were Germany and the United States, countries which couldn’t be more different in terms of their regulatory framework—and explored some of the reasons for privacy officer strength in Germany. 

This final post explores a caution raised by privacy officers in both the public- and private-sector regarding particular risks created by attempts to ensure that privacy is part of high-level deliberations within a corporation—risks that must be managed in developing policy regarding privacy.

More from Deirdre Mulligan


Will Retailers Have To Dial It Back in 2013?

By Jedidiah Bracy, CIPP/US, CIPP/E

Offline tracking of consumers by retailers is popping up quite a bit in the news this week, which has me wondering what the end game might be.

First, we learned that Sen. Al Franken (D-MN) still isn’t happy with Euclid Analytics—a company that has reportedly recorded the shopping habits of nearly 50 million Americans.

More from Jedidiah Bracy


What’s One Way Organizations Can Be More Accountable? Privacy Education

By David Hoffman, CIPP/US

Over the past ten years, the components of an accountable privacy program have evolved through a combination of privacy professional best practices (e.g. IAPP materials), scholarship (e.g. the Center for Information Policy Leadership Accountability effort) and regulator action (e.g. FTC consent orders). During the same period, the notice and consent model of privacy regulation has become insufficient and outdated.

As Victor Mayer-Schonberger and Kenneth Cukier observe in their excellent book, Big Data: A Revolution That Will Transform How We Live, Work and Think, “We must protect privacy by shifting responsibility away from individuals and toward the data users—that is, to accountable use.” We must couple this increased focus on accountability with efforts to educate individuals on how technology may impact their privacy. We—government, advocacy organizations and corporations—all share responsibility for this education and awareness.

More from David Hoffman