When Noga Rosenthal looks at Epsilon, she sees the future of the advertising industry, she said: "I see where we're going." 

That's why, three weeks ago, she started her gig as Epsilon's chief privacy officer, leaving behind her stint as general counsel and vice president for compliance and policy at the Network Advertising Initiative.

"I think it's an exciting, interesting world where data is driving personalization in unprecedented ways and we’re seeing the digital and direct marking worlds converging," she said of the job. "I had to jump at the opportunity. In particular, I want to help ensure that this convergence happens in a privacy sensitive manner." 

Rosenthal reports to Epsilon/Conversant's chief executive, Bryan Kennedy. She has a couple of people under her, one focusing on Conversant, the personalized digital marketing company Epsilon acquired in 2014, and one person in the EU focused on Epsilon, an all-encompassing global marketing company founded more than four decades ago. Her responsibilities include ensuring Epsilon and Conversant comply with various self-regulatory schemes in both the EU and U.S., as well as various laws. In addition, she's responsible for ensuring compliance with Epsilon's own internal policies and procedures, such as access to online and offline consumer data, while she advocates on behalf of the internal teams, partners and clients to support industry self-regulation, responsible privacy practices, plus consumer awareness, transparency and choice. She will also monitor and help guide the company’s global public policy efforts.

That's an important part of the job, she said, which is something she realized while doing lobbying work at Xaxis, where she spent time before NAI.

"There's a huge lack of understanding over how the digital advertising world works," she said. "Sometimes the bills being put out frankly don’t make sense or technologically they are impossible to follow. And what you don't want is to create confusion." 

She said her aim is to interpret the privacy standards Epsilon, and its clients, should be adhering to, as well as to help educate lawmakers and consumers on how data is collected and used for marketing purposes.

It's important there's no barrier-to-entry for small companies into self-regulatory groups, she said, because, aside from streamlining the rules and getting everyone on the same page, self-regulatory groups are a great place for companies to learn about privacy and the other issues facing industry. 

Despite the naysayers, Rosenthal says self-regulation can and does work. The NAI's Code of Conduct, for example, has been successful since its inception in 2000 because those responsible for drafting it understood the technology and the ad ecosystem. In addition, as evidenced by the same code's 2015 update, Rosenthal said self-regulation works because it's flexible.

"It's always a race to try to keep up with new issues and privacy challenges," she said. "But that's why self-reg is so essential. It’s more malleable than say a law that comes into place and is maybe outdated within a year. That flexibility is key. And you'll see it again with the Digital Advertising Alliance and the Future of Privacy Forum, they've worked with their companies and there's a level of research that's done to make sure these codes reflect the technology and what can and cannot be followed."

Now she's on the other side of the desk, ensuring compliance rather than helping to develop the rules. The challenges are different, but the goal is the same: privacy practices that both protect the consumer and help the company thrive.