Posted in Data Governance

Privacy Profession

Which Drives Leadership: Compliance or Strategy?

Leadership is crucial to a successful privacy program. It is leadership that engages senior executives, inspires an extended team and provides hope to advocates and confidence to regulators.

But what drives leadership in 2014? Is it the need to have a highly compliant organization in an era where compliance is very complex? Or is a strategic approach to information governance when data moves from being a business facilitator to the driver of innovation?

More from Martin Abrams

From the Tool Belt

Overcoming the Security and Privacy Challenges of the Cloud

By Chris Zoladz, CIPP/US, CIPP/E, CIPP/IT, CIPP/G

There is no doubt that the use of the cloud will continue to grow at an impressive rate. IDC estimates the cloud market will be worth over $50 billion by 2014 and over $120 billion by 2020. Even the U.S. government, who is not viewed as a leader in the use of technology, has a “cloud first” mandate. With compelling evidence that migration to the cloud will improve an organization’s bottom line and business efficiencies, it would seem to be an easy decision. 

However, the ubiquitous articles and blog posts about the seemingly insurmountable security and privacy risks of moving mainstream applications to the cloud have created ample fear, uncertainty and doubt in some organizations.

More from Chris Zoladz

Opinion

Privacy and the City

By David Hoffman, CIPP/US

I have written on the need for adequate privacy protections to allow individuals to exercise their Right to Fail. For people to come together to collaborate and innovate, we need to make certain individuals can try new ideas. We need people to take risks and often fail, without running the risk that every failure will be catalogued forever in a virtual permanent record and those failures will be retrievable with a simple Internet search or report from a data aggregator/broker. People are inherently social and want to collaborate and innovate, but we need to create the right privacy policy environment to both foster that innate desire and protect individuals from counterproductive consequences from our social nature.

Edward Glaeser wrote on just this topic in his excellent book, Triumph of the City: How our Greatest Invention Makes Us Richer, Smarter, Greener, Healthier and Happier . The book describes how cities have historically been the engines of innovation as they bring people together to collaborate and create.

More from David Hoffman

Privacy on the Ground

Why Are German and U.S. Practices so Similar, if Their Regulatory Structures Are so Different?

Our previous post began to explore findings from almost one hundred interviews of leading corporate privacy officers, regulators and other privacy professionals in five countries—and what they can teach us about how the structure of the corporate privacy function can affect the success of measures to protect privacy.

We ended that post with a surprising finding: The two countries in which privacy officers were most empowered, and most involved in shaping firm strategy, couldn’t be more different in terms of their regulatory substance and form—Germany and the U.S.

More from Deirdre Mulligan

Privacy on the Ground

Operationalizing Privacy: How Empowered Is Your Privacy Office?

Where should privacy professionals be positioned within the organization?

What level of independence and authority do privacy officers need so that they can embed a value as complicated as privacy—at times in tension with a whole host of bottom-line commitments, from identifying terrorists to placing effective ads—into a complex organization?

And if privacy is to be delivered through designs and defaults, as well as policy, where should privacy professionals be positioned within the firm?

More from Deirdre Mulligan

opinion

Is Your Company a Player or Pretender?

By Chris Zoladz, CIPP/US, CIPP/E, CIPP/IT, CIPP/G

A former boss of mine had a habit of periodically and unexpectedly making provocative statements followed by a question of, “What do you think?” It was his way of generating a frank dialogue on a topic void of political correctness and corporate courtesies, and it worked.

In that same spirit, this post is intended to be provocative as you think about how the leadership of your company really views privacy. In discussing privacy with many different companies over the past several years, there are at least two distinct types: the players and the pretenders.

More from Chris Zoladz