IAPP-GDPR Web Banners-300x250-FINAL

Data governance. Privacy. Security. E-mail deliverability. Spam prevention.

These are all things Dennis Dayman, CIPP/US, CIPP/IT, knows well. With nearly two decades of experience, and, most recently, six years as chief privacy and security officer of marketing automation firm Eloqua—acquired by Oracle in April of 2013—Dayman can be seen as something of a guru in the e-mail communications arena.

These are all skills Dayman now brings to e-mail intelligence outfit Return Path as its newest chief privacy and security officer. And he is clearly excited about the challenges ahead.

“As we look at the current market, filled with more cloud and data services, organizations are trading data like it is candy,” he says. “My challenge is to make sure that our many data sources are secured and that our end users are given notice and consent and choice.”

But that’s not all.

Dennis Dayman

Having the analytical abilities to provide businesses with smarter communications puts the onus on Dayman and his team to ensure that the patchwork of global privacy regulations and expectations are being followed.

Return Path’s service unfolds in several comprehensive ways, including massive e-mail and marketing data collection to enhance e-mail performance, combat spam, increase ISP customer retention and build trust throughout the entire e-mail ecosystem. End users are protected from spam and other abuse, while marketers and service providers are provided with a more accurate assessment of the trends, needs and habits of their customers.

Feeding Return Path’s e-mail intelligence is a gargantuan set of data sources from nearly 2.2 billion inboxes around the world. The company also boasts of more than 70 partnerships with ISPs and two million e-mail subscribers.

Summed up: This is Big Data in action.

Dayman narrowed down the challenges he faces into three main categories.

First off, understanding the many data sources with which Return Path has access is paramount. To do so, Dayman must analyze the vendors of business partners—what he calls vendor assessments—and ask if they have the right to a given data source. And once partnered with a business and the various business units, he points out, you have to constantly talk with them every couple of months because their vendors and business partners are constantly changing.

He used the recent Target breach as an example. “In conducting a vendor assessment, I might have asked if their networks were segmented from their point-of-sale systems.” That kind of questioning, he says, can help clients realize, “Hey, maybe we should reassess our vendor agreements.” This kind of vendor assessment is something that, Dayman notes, can help other businesses shore up their privacy and security practices—especially as businesses merge.

A second major challenge ahead for Dayman is ensuring that employees understand the “dos and don’ts of data,” he says. “Are they building tools in line with our privacy policies?” If not, they need to know how to do so. “Many companies do not require privacy and security training, and that’s a good first step toward awareness of risk,” says Dayman.

“Third, my job is to take a look at the playing field,” he says. “What are the technological and social media trends out there? For example, What’s the next fad for mobile?”

In looking at emerging trends, it’s not just the tech landscape he eyes. Dayman says he must also pay attention to the regulatory and legal landscape. “Our businesses are so global, and we’re all collecting data,” Dayman says. “You have to make sure you’re providing a service smart enough to say, ‘I need to collect and store data in a manner that is consistent with the regulations of the country of the data source.’”

Data collection aside, to ensure the e-mail ecosystem works for both business and consumers, spam and cybercrime must be limited. Dayman is no stranger to the ins and outs of spam, either. He says he helped write CAN-SPAM in the U.S. and the recently passed CASL in Canada. Of both anti-spam laws, Dayman says “they’re definitely laws that are needed.”

Perception and integration of the privacy office is also essential. He says, as a privacy officer, he doesn’t want other departments or clients to think he’s the enemy. “In reality,” Dayman says, “the privacy officer should keep businesses from failing and mitigating risk,” adding, “We’re here to help make a successful business.” That’s why Dayman says it’s critical to work with the marketing and sales teams.

Ultimately, whether he’s assessing vendors and data collection sources, ensuring employees are appropriately trained in data stewardship or surveying the technology, privacy and data protection landscape, Dayman says what he really does can be summed up in two words.

“I look at it all as data governance.”

Written By

Jedidiah Bracy, CIPP/E, CIPP/US


If you want to comment on this post, you need to login.


Board of Directors

See the esteemed group of leaders shaping the future of the IAPP.

Contact Us

Need someone to talk to? We’re here for you.

IAPP Staff

Looking for someone specific? Visit the staff directory.

Learn more about the IAPP»

Daily Dashboard

The day’s top stories from around the world

Privacy Perspectives

Where the real conversations in privacy happen

The Privacy Advisor

Original reporting and feature articles on the latest privacy developments

Privacy Tracker

Alerts and legal analysis of legislative trends

Privacy Tech

Exploring the technology of privacy

Canada Dashboard Digest

A roundup of the top Canadian privacy news

Europe Data Protection Digest

A roundup of the top European data protection news

Asia-Pacific Dashboard Digest

A roundup of the top privacy news from the Asia-Pacific region

IAPP Westin Research Center

Original works. Groundbreaking research. Emerging scholars.

Advertise in IAPP Publications

Find out how to get your message in front the people you want to reach. Download a media kit now.

Get more News »

Find a KnowledgeNet Chapter Near You

Network and talk privacy at IAPP KnowledgeNet meetings, taking place worldwide.

Women Leading Privacy

Events, volunteer opportunities and more designed to help you give and get career support and expand your network.

IAPP Job Board

Looking for a new challenge, or need to hire your next privacy pro? The IAPP Job Board is the answer.

Join the Privacy List

Have ideas? Need advice? Subscribe to the Privacy List. It’s crowdsourcing, with an exceptional crowd.

Find more ways to Connect »

Find a Privacy Training Class

Two-day privacy training classes are held around the world. See the complete schedule now.

Online Privacy Training

Build your knowledge. The privacy know-how you need is just a click away.

The Training Post—Can’t-Miss Training Updates

Subscribe now to get the latest alerts on training opportunities around the world.

New Web Conferences Added!

See our list of upcoming web conferences. Just log on, listen in and learn!

Train Your Staff

Get your team up to speed on privacy by bringing IAPP training to your organization.

Learn more »

CIPP Certification

The global standard for the go-to person for privacy laws, regulations and frameworks

CIPM Certification

The first and only privacy certification for professionals who manage day-to-day operations

CIPT Certification

The industry benchmark for IT professionals worldwide to validate their knowledge of privacy requirements

Certify Your Staff

Find out how you can bring the world’s only globally recognized privacy certification to a group in your organization.

Learn more about IAPP certification »

Get Close-up

Looking for tools and info on a hot topic? Our close-up pages organize it for you in one easy-to-find place.

Where's Your DPA?

Our interactive DPA locator helps you find data protection authorities and summary of law by country.

IAPP Westin Research Center

See the latest original research from the IAPP Westin fellows.

Looking for Certification Study Resources?

Find out what you need to prepare for your exams

More Resources »

GDPR Comprehensive: Registration Open

New! Intensive two-day GDPR training led by the sharpest minds in the field. It's a can't-miss event.

The Congress Is Cancelled

The IAPP Europe Data Protection Congress 2015 is cancelled. Click through to learn more.

Sponsor an Event

Increase visibility for your organization—check out sponsorship opportunities today.

Exhibit at an Event

Put your brand in front of the largest gatherings of privacy pros in the world. Learn more.

More Conferences »

Become a Member

Start taking advantage of the many IAPP member benefits today

Corporate Members

See our list of high-profile corporate members—and find out why you should become one, too

Renew Your Membership

Don’t miss out for a minute—continue accessing your benefits

Join the IAPP»