Despite Privacy. Security. Risk. being in Las Vegas this year, it still had a whiff of Silicon Valley, with a number of start-up technology firms both working the exhibit hall and attending panels designed to explore the challenges of doing privacy in an agile, start-up environment.
Then there is the challenge of doing privacy at a start-up looking to sell privacy-enhancing solutions.
That topic was explored at “The Internet on Your Terms—New Innovations in Privacy and Security,” which featured venture capitalist Ursheet Parikh, from Mayfield, along with representatives from Confide, Personal and Disconnect, who all have varying privacy-enhancing solutions for both consumers and enterprises and are VC-funded.
Some of the issues you can predict. Even though Casey Oppenheim, cofounder of tracker-blocking firm Disconnect, is a lawyer with privacy training—thus making a privacy pro hire number one—privacy remains “a grind.” When you’re growing quickly, it can be hard, he said, to get the attention of designers and salespeople who are focused on getting products out and revenue in.
Panelists participating in the session "The Internet on Your Terms—New Innovations in Privacy and Security" at P.S.R. in Las Vegas.
That was echoed by Caroline McCaffery, CPO at New-York-based machine-learning start-up Clarifai, as part of the “Privacy, Security & Risk in Collecting Personal Data at Tech Start-Ups” session: “It’s a money and bandwidth problem,” she said, noting that she was employee number 17. “You have to hire privacy people and spend money on them. And spending money on privacy might not be the highest priority.”
However, said Parikh, who pegged the average CPO hire around employee number 50 or so, the venture community is very much focused on how a company governs its data when due diligence is happening.
That can create a tension, but it can also create the kind of executive buy-in you need at the CEO level to get that privacy pro hired earlier in the company’s development cycle.
Another problem can arise that might not be intuitive: Start-ups focused on privacy may not be able to gather much data on how their product is being used.
“People ask me what the typical use case for my product is,” said Jon Brod, cofounder of Confide, an ephemeral messaging service. “I tell them, ‘I have no idea.’” The messages disappear and the company collects virtually nothing about its users.
Disconnect has the same issue but has had good success with surveys and, now, with 15 million users, Oppenheim finds, “we get a lot of unsolicited feedback.”
So, how does one advocate for budget and make sales at the same time?
Josh Galper, CPO at Personal, which does private clouds for group information sharing, said it’s important to pitch the ability for privacy to increase the performance and efficacy of the product. “It’s not the privacy budget that’s going to buy our product,” he said, “but it’s privacy that makes the product attractive.”
Privacy professionals at start-ups in general need to understand the business goals and be part of the marketing effort, not just be your traditional compliance expert, just about everyone agreed.
Further, they need to be involved in developing the firm’s ethical stance, said Anna Hannan, founder of Mastiff Data, a start-up that provides tools for demonstrating privacy priorities to consumers. “Privacy needs to be the mantra and culture of your business,” she said. That leads to integrity and trust, she said, and that can allow you to maintain customers should a breach or privacy issue occur anyway.
Comments
If you want to comment on this post, you need to login.