Data privacy is a subject we take extremely seriously and in anticipation of Data Privacy Day, which took place on January 28, I sat down with Director of Privacy Counsel at Epsilon, Daniel Shore, for a brief Q&A.
During the discussion, Daniel and I touched on his role at Epsilon, how the data privacy field has evolved over the past few years, the steps consumers can take to better educate themselves on the subject and some of the most significant trends in data privacy that he sees on the horizon.
What do you find most interesting about your privacy role?
Daniel: Since I’ve been here, Epsilon (and formerly Conversant) has had a great Privacy by Design culture, which means that I’m involved in almost all aspects of the business from the onset and get to make strategic decisions that go well beyond the traditional legal role. The ability to work on such a large breadth of projects, while constantly following the evolving privacy landscape, is what I find most interesting. No two days are the same, and as the company, industry and technology evolve, so does my job.
How has data privacy evolved during the past two years?
Daniel: A better question may be “how has data privacy not evolved over the past two years?” In addition to the tremendous growth in technology, there have been new laws, regulations, codes, rules, guidance, lawsuits, etc – all revolved around privacy. All that being said, the hallmark of a good privacy program remains the same – provide proper transparency and choice.
What can consumers do to better educate themselves about data privacy?
Daniel: The interest-based advertising industry is filled with self-regulatory organizations that do a fantastic job of not only creating rules to ensure that members respect privacy, but also helping consumers understand how companies are handling their data. I’d recommend that consumers visit the websites of the Network Advertising Initiative (NAI), Digital Advertising Alliance (DAA) and Interactive Advertising Bureau (IAB), just to name a few.
Big Data continues to garner big headlines. Thinking about privacy regulations domestically and abroad, what do you see as the most significant trends? Is self-regulation still valid for the way we choose to protect consumer privacy?
Daniel: Due to the prevalence of big headlines and new regulations, privacy has gone from a legal check-the-box type function to a revenue booster. When I first started, I would only speak to our clients’ legal teams and explain how we comply with the law. Today, while I’m obviously still having those conversations, I’m also explaining our privacy practices to clients’ marketing and data management teams. Clients care about being privacy-friendly and respecting their consumers’ privacy, and they want to work with a company that has a similar attitude. In other words, we no longer have to sell clients solely on the fact that we have a superior marketing platform; we also have to sell them on the fact that we have a great privacy program to go along with it. The spotlight on privacy is only going to get larger, so I expect that this trend will continue.
To answer your second question, yes, self-regulation is still an extremely important component of the interest-based advertising ecosystem. Although the FTC, the main US privacy regulator in our particular industry, does a great job monitoring the industry and ensuring that companies are protecting consumers’ privacy, they are most effective when working hand-in-hand with self-regulatory organizations. Self-regulatory organizations are fully entrenched within the industry, can quickly adapt their codes as technology and industry practices progress and can ensure that they are taking the concerns of both the FTC and consumer in mind. Furthermore, the FTC can bring an action against member companies who don’t abide by self-regulatory codes, which make those codes as good as law.