IAPP-GDPR Web Banners-300x250-FINAL


Now that Big Data is lodged in the everyday parlance of businesspeople everywhere, and with growing consumer awareness of Big Data’s power, companies are regularly faced with the tall task of using data to contribute to a robust bottom line while executing strong privacy practices and maintaining positive brand recognition. But what if data IS your business? Regulators, including the FTC, are keying into the data collection and use practices of so-called “data brokers” and consumers are growing more knowledgeable of how their personal information is used, bought and sold.

In few vertical markets are privacy sensitivity and privacy professionals more intimately linked with company success.

One such company is Acxiom. Based in Little Rock, AR, the company posted a $59.4 million profit, with revenue of $1.1 billion in its most recent fiscal disclosure. According to one report, the firm has amassed a database containing information on approximately 500 million active consumers across the globe.

An Acxiom whitepaper, Searching for Balance in the Use of Personal Data: The Yin-Yang of 21st Century Commerce, outlines their belief in finding a balance between data use and consumer privacy. “We do know this,” Acxiom states in the paper, “data is not good or evil, moral or immoral—it is increasingly a product, a facilitator, of our modern way of life, and its importance to both individuals and organizations is intensifying.”

In fact, Financial Times recently reported that Acxiom plans to unveil a transparency service allowing consumers to access data collected about them. Acxiom Chief Marketing and Strategy Officer Tim Suther said, “We live in an era when transparency is important…We’re listening to that and trying to be even more transparent with people in understanding what companies like Acxiom do with information.”

Acxiom’s infusion of privacy into its marketing campaign is clear, too, when it warns businesses using personal information for marketing not to be creepy. “Here’s the litmus test: Are your actions for the individual (not creepy) or to the individual (creepy),” it states.

That’s no accident. Among the many things Acxiom’s privacy team check during its product development lifecycle is the marketing literature for its products. “We look at things like tone and how we market to businesses,” says Acxiom Chief Privacy Officer Jennifer Barrett Glasgow, CIPP/US. She notes that her team often will point out the consumer would perceive something. “Let’s be sure we mention things that consumers might be concerned about and businesses who are our clients need to know,” she says.

The Privacy Consultants

Glasgow, winner of the 2011 IAPP Vanguard Award, says, in addition to helping the marketing team, her team is heavily involved in the early stages of product development. They help the engineers and developers brainstorm ideas around building in privacy considerations from the earliest stages of product development. “We view ourselves as the consultants to help convey the understanding of the opportunities and risks our products and services need to take into account,” she says.

Before a new product goes into development, the privacy team—comprising “10 dedicated full-time to privacy and another 12 who are part time with other responsibilities”—conducts a formal review and then again prior to production. She says her team continues to help revise products as they progress through their lifecycle and will often conduct annual or biannual product privacy assessments—not quite an audit, she points out, but similar.

Leading a privacy team in such a dynamic and rapidly growing organization requires a lot of focus and attention from Glasgow and her team. She says there’s lots of privacy training, but points out that awareness can be even more important than the training. “We can’t train for all situations,” she says, “we would much rather be consultants throughout the development than just trainers.”

She says awareness throughout the organization is realized when the CEO talks about privacy or writes about it in the company newsletter. When the executives talk privacy, organization-wide awareness improves. Then, when the privacy team comes in, “people pay attention.”

The privacy team also recognizes strong employee privacy practices with a small award featuring the Acxiom logo and the motto, “Just because you can do it, doesn’t mean you should.” She adds that the organization has celebrated Data Privacy Day in January with an online privacy scavenger hunt where employees could win as much as $2,500.

Acxiom’s workforce is growing and is made up of young tech specialists. Glasgow says a growing percent of the organization is made up of “young, smart kids” who specialize in technology. “They come from the pure tech side of the equation, so they’ve never thought about technology that involves data” with privacy in mind. During their orientations the new tech specialists often say things like, “I didn’t have any idea.”

Recent scrutiny by the media and the Federal Trade Commission has reinforced the privacy principles Glasgow and her team have been preaching for a long time. She said she’s less worried about the scrutiny and more concerned about ensuring that employees and clients are aware of the privacy risks and concerns of consumers.

One of her goals is to remind the marketing people, that while they have a vested interest and a “very strong desire” to market to their clients, they have two other audiences they must build trust with: one is the regulator and the other is the consumer. “Success is dependent on all three trusting Acxiom,” she says, “we’ve got to make sure we all understand that.”

Though she wasn’t prepared to confirm that Financial Times report that Acxiom is imminently releasing a consumer accessing service to our marketing data, she did say they’re “always looking to increase transparency.  We have offered access to our risk data for some time now.” One concern with a consumer access service is security and identity verification of the requestor. In Europe, Acxiom does provide consumer access to marketing data, but it’s conducted offline, and is a tedious and “very labor intensive process.”

Glasgow notes she is lucky to have a background in computer science and mathematics. In a world with rapidly developing technology, she points out that regulators are now bringing in more tech-savvy people to their teams. “Our team is also having to constantly learn” more about evolving technology. She predicts that we may start seeing more of a hybrid privacy professional, “one that has less of a legal background and more of a technical one.”

Perhaps this potential hybrid professional will be among those shepherding the yin and yang of business interests with consumer protection in mind.

Written By

Jedidiah Bracy, CIPP/E, CIPP/US


If you want to comment on this post, you need to login.


Board of Directors

See the esteemed group of leaders shaping the future of the IAPP.

Contact Us

Need someone to talk to? We’re here for you.

IAPP Staff

Looking for someone specific? Visit the staff directory.

Learn more about the IAPP»

Daily Dashboard

The day’s top stories from around the world

Privacy Perspectives

Where the real conversations in privacy happen

The Privacy Advisor

Original reporting and feature articles on the latest privacy developments

Privacy Tracker

Alerts and legal analysis of legislative trends

Privacy Tech

Exploring the technology of privacy

Canada Dashboard Digest

A roundup of the top Canadian privacy news

Europe Data Protection Digest

A roundup of the top European data protection news

Asia-Pacific Dashboard Digest

A roundup of the top privacy news from the Asia-Pacific region

Latin America Dashboard Digest

A roundup of the top privacy news from Latin America

IAPP Westin Research Center

Original works. Groundbreaking research. Emerging scholars.

Get more News »

Find a KnowledgeNet Chapter Near You

Network and talk privacy at IAPP KnowledgeNet meetings, taking place worldwide.

Women Leading Privacy

Events, volunteer opportunities and more designed to help you give and get career support and expand your network.

IAPP Job Board

Looking for a new challenge, or need to hire your next privacy pro? The IAPP Job Board is the answer.

Join the Privacy List

Have ideas? Need advice? Subscribe to the Privacy List. It’s crowdsourcing, with an exceptional crowd.

Find more ways to Connect »

Find a Privacy Training Class

Two-day privacy training classes are held around the world. See the complete schedule now.

Online Privacy Training

Build your knowledge. The privacy know-how you need is just a click away.

The Training Post—Can’t-Miss Training Updates

Subscribe now to get the latest alerts on training opportunities around the world.

New Web Conferences Added!

See our list of upcoming web conferences. Just log on, listen in and learn!

Train Your Staff

Get your team up to speed on privacy by bringing IAPP training to your organization.

Learn more »

CIPP Certification

The global standard for the go-to person for privacy laws, regulations and frameworks

CIPM Certification

The first and only privacy certification for professionals who manage day-to-day operations

CIPT Certification

The industry benchmark for IT professionals worldwide to validate their knowledge of privacy requirements

Certify Your Staff

Find out how you can bring the world’s only globally recognized privacy certification to a group in your organization.

Learn more about IAPP certification »

Get Close-up

Looking for tools and info on a hot topic? Our close-up pages organize it for you in one easy-to-find place.

Where's Your DPA?

Our interactive DPA locator helps you find data protection authorities and summary of law by country.

IAPP Westin Research Center

See the latest original research from the IAPP Westin fellows.

Looking for Certification Study Resources?

Find out what you need to prepare for your exams

More Resources »

GDPR Comprehensive: Spots Going Fast

With the top minds in the field leading this exceptional program, it's no wonder it's filling quickly. Register now to secure your spot.

Be Part of Something Big: Join the Summit

Registration is open for the Global Privacy Summit 2016. Discounted early bird rates available for a short time, register today!

Data Protection Intensive Returns to London

Registration is now open for the IAPP Europe Data Protection Intensive in London. Check out the program!

P.S.R. Call for Speakers Open!

P.S.R. is THE privacy + cloud security event of the year, and you can take a leading role. Propose a session for this year's program.

Sponsor an Event

Increase visibility for your organization—check out sponsorship opportunities today.

Exhibit at an Event

Put your brand in front of the largest gatherings of privacy pros in the world. Learn more.

More Conferences »

Become a Member

Start taking advantage of the many IAPP member benefits today

Corporate Members

See our list of high-profile corporate members—and find out why you should become one, too

Renew Your Membership

Don’t miss out for a minute—continue accessing your benefits

Join the IAPP»