As part of a larger presentation here at the IAPP Europe Data Protection Intensive in London, a particular slide caught the attention of attendees. The panel’s focus was on “Transparency in Marketing,” but in many ways it all seemed to boil down to a couple of basic questions:
Is what your marketing department is doing transparent to the privacy team?
Is what your marketing department is doing transparent to your customers?
And the way to get the answers to those questions popped up on a slide late in the presentation. On it, Eversheds’ Paula Barrett, BMW’s Yasmeen Rahman, CIPP/E, and MyPermission’s Aurélie Pols listed the five most important questions for a privacy office to ask its marketing department whenever a new initiative is begun.
Rahman, EMEA Regional Co-ordinator, EU Law, BMW Group:
What is the background and what are the business objectives of what you are doing?
How will it impact the customer and customer relationship?
Where are we getting the customer data from and what are you going to do with it?
Who is involved, inside and outside the company?
What technologies, IT systems and platforms are involved?
Barrett, Partner, Eversheds:
What are you seeking to achieve?
What data are you collecting?
Are you working with a vendor or partner organization to achieve this?
What tools will be used to do this?
Where is this data collection and analysis happening?
Pols, Privacy Advocate, Advisory Board Member, MyPermissions
What tools do you use?
Which data do you collect, store and use in which tool?
How does the data flow?
Who has access?
Which data do you create?
While these question sets obviously don't replace a proper privacy impact assessment, they may, said the panelists, simply be a foot in the door to a department that might not frequently think of the privacy implications of the tools and vendors it is using on a regular basis.