Data governance. Privacy. Security. E-mail deliverability. Spam prevention.
These are all things Dennis Dayman, CIPP/US, CIPP/IT, knows well. With nearly two decades of experience, and, most recently, six years as chief privacy and security officer of marketing automation firm Eloqua—acquired by Oracle in April of 2013—Dayman can be seen as something of a guru in the e-mail communications arena.
These are all skills Dayman now brings to e-mail intelligence outfit Return Path as its newest chief privacy and security officer. And he is clearly excited about the challenges ahead.
“As we look at the current market, filled with more cloud and data services, organizations are trading data like it is candy,” he says. “My challenge is to make sure that our many data sources are secured and that our end users are given notice and consent and choice.”
But that’s not all.
Having the analytical abilities to provide businesses with smarter communications puts the onus on Dayman and his team to ensure that the patchwork of global privacy regulations and expectations are being followed.
Return Path’s service unfolds in several comprehensive ways, including massive e-mail and marketing data collection to enhance e-mail performance, combat spam, increase ISP customer retention and build trust throughout the entire e-mail ecosystem. End users are protected from spam and other abuse, while marketers and service providers are provided with a more accurate assessment of the trends, needs and habits of their customers.
Feeding Return Path’s e-mail intelligence is a gargantuan set of data sources from nearly 2.2 billion inboxes around the world. The company also boasts of more than 70 partnerships with ISPs and two million e-mail subscribers.
Summed up: This is Big Data in action.
Dayman narrowed down the challenges he faces into three main categories.
First off, understanding the many data sources with which Return Path has access is paramount. To do so, Dayman must analyze the vendors of business partners—what he calls vendor assessments—and ask if they have the right to a given data source. And once partnered with a business and the various business units, he points out, you have to constantly talk with them every couple of months because their vendors and business partners are constantly changing.
He used the recent Target breach as an example. “In conducting a vendor assessment, I might have asked if their networks were segmented from their point-of-sale systems.” That kind of questioning, he says, can help clients realize, “Hey, maybe we should reassess our vendor agreements.” This kind of vendor assessment is something that, Dayman notes, can help other businesses shore up their privacy and security practices—especially as businesses merge.
A second major challenge ahead for Dayman is ensuring that employees understand the “dos and don’ts of data,” he says. “Are they building tools in line with our privacy policies?” If not, they need to know how to do so. “Many companies do not require privacy and security training, and that’s a good first step toward awareness of risk,” says Dayman.
“Third, my job is to take a look at the playing field,” he says. “What are the technological and social media trends out there? For example, What’s the next fad for mobile?”
In looking at emerging trends, it’s not just the tech landscape he eyes. Dayman says he must also pay attention to the regulatory and legal landscape. “Our businesses are so global, and we’re all collecting data,” Dayman says. “You have to make sure you’re providing a service smart enough to say, ‘I need to collect and store data in a manner that is consistent with the regulations of the country of the data source.’”
Data collection aside, to ensure the e-mail ecosystem works for both business and consumers, spam and cybercrime must be limited. Dayman is no stranger to the ins and outs of spam, either. He says he helped write CAN-SPAM in the U.S. and the recently passed CASL in Canada. Of both anti-spam laws, Dayman says “they’re definitely laws that are needed.”
Perception and integration of the privacy office is also essential. He says, as a privacy officer, he doesn’t want other departments or clients to think he’s the enemy. “In reality,” Dayman says, “the privacy officer should keep businesses from failing and mitigating risk,” adding, “We’re here to help make a successful business.” That’s why Dayman says it’s critical to work with the marketing and sales teams.
Ultimately, whether he’s assessing vendors and data collection sources, ensuring employees are appropriately trained in data stewardship or surveying the technology, privacy and data protection landscape, Dayman says what he really does can be summed up in two words.
“I look at it all as data governance.”