From the public to the private sector, consumer products to publishing, Farah Zaman, CIPP/US, has a privacy career that spans the depth of the field and underscores just how relevant and vital privacy is in so many facets of our lives.

Zaman’s career started at the New York Mayor’s Office for International Affairs, where an unpaid internship led to her first privacy role in 2013, as an attorney in the Office of Data Privacy at the New York City Human Resources Administration/Department of Social Services.

That work launched Zaman’s interest in privacy and public service and how the two intersect while taking a special interest in how privacy laws differ internationally.

In 2016, she took the leap from the public to the private sector, joining global marketing research firm Nielsen as a privacy counsel in 2016. A little over a year later, she led Colgate-Palmolive’s global privacy program as a senior global counsel. In June 2019, she joined the Meredith Corporation as its first chief privacy officer.

“I just love how dynamic and interesting (privacy) is. It’s this very real thing. It’s intangible in that it’s data, but it has such a real-world consequence. I’ve been very fortunate to handle privacy issues in a number of industries,” Zaman said. “I think it’s important to the law, to humanity, to society. Whether or not you view it as a fundamental human right is irrelevant, because it governs the most important asset that there is in the world today. It’s relevant to every single industry and every single company.”

When Zaman joined Meredith — a multiplatform media company reaching more than 190 million customers and nearly 95% of U.S. women each month — she brought experience building a leading a global privacy team, so the opportunity to build a program at Meredith wasn’t enticing all on its own. It was the priority the company placed in creating a strong privacy program and department.

“It was clear this role was going to have a mandate, the right level of support, and they wanted it to be a leading privacy program,” Zaman said. “I did not want it to be a compliance role. They had the appetite to do it now and do it well and do it proactively — that to me was super exciting.”

While Meredith’s brands, like People and All Recipes, are known domestically and internationally, the company does not have entities operating abroad, so its privacy program takes “a bit of a different focus.” She started with a risk assessment of how to build a viable program and an intensive data mapping project. While the program was formed prior to the effective date of the California Consumer Privacy Act, Zaman said it was developed with the CCPA in mind, and it includes components of the EU General Data Protection Regulation.

“I’m very passionate about the role privacy plays in a society and in an individual’s life and companies have a real responsibility to make sure they are helping society innovate and move forward in a way that is mindful of the unintended consequences,” she said. “I see privacy done well as just good business — not only by ensuring companies comply with laws, but also that companies build consumer trust and help teams watch out for unintended consequences or misuse.”

Zaman’s three-member team is relatively lean, she said, “given how much we do.” One of the biggest challenges they face, she said, is the volume of change — changes in regulation, advances in technology and shifting business objectives, for example.

“It’s not even a matter of scale; it’s more a pace of change. It’s just how do you stay motivated and do things in a balance where you are not overdoing something but not leaving something out,” she said. “Some of it is really spending the time to understand how people are thinking about things, what their process is, and how we as the privacy team can be the connective tissue.”

Her team is also closely watching federal and state privacy developments, including pushes for federal legislation and the recent passage of the California Privacy Rights Act. As matters unfold, Zaman and her team are working to ensure they are advocating for the publisher's position.

Zaman said she is often asked how she made the transition from the public to private sector. She credits the privacy experience she gained at the New York City Department of Social Services and the privacy community. Two people stand out in particular, she said: her former Nielsen colleagues Stephen Kline, CIPP/US, and the late Elise Berkower, CIPP/US, who served as Nielsen chief privacy officer, both of whom shared government roots and valued the transferability of skills.

The IAPP community and certifications are a part of her successful transition, too, she said, helping to “open that door and legitimize I had a baseline understanding of the field of privacy beyond just my immediate role.”

IAPP CEO and President J. Trevor Hughes, CIPP, will host Zaman during the IAPP’s “Profiles in Privacy” series Nov. 16 on LinkedIn.

Photo by Timon Studler on Unsplash