Privacy Rules Are Key to Building Trust

Chris Calabrese photo

A conversation with Chris Calabrese, vice president for policy at the Center for Democracy & Technology

After a series of high-profile data breaches at major companies like Facebook and Capital One, organizations are overhauling privacy policies while working to regain consumers’ trust. Chris Calabrese, a longtime advocate for privacy protections, discusses the latest industry trends and how Congress could help.

When dealing with a data breach, what key thing tends to be forgotten? In other words, what element or action is more critical than it may initially appear?

In the rush to make sure you meet all your compliance obligations, don’t forget the human element. Focus on sharing as much accurate and complete information as possible. I believe people are still willing to forgive mistakes but are less understanding when they feel misled.

From a policy perspective, what trends are you seeing in structuring successful privacy programs?

Privacy policy teams within the company need to have significant authority to block risky proposals. Companies also need to be clear that programs are required to do more than balance potential profits (or gains in usership/engagement) and potential risks. They have to have clearly communicated values and set red lines that won’t be crossed.

Facebook settlement terms included big changes to the privacy program and management/oversight. Are these actions you’d recommend as preventative measures? What does this mean moving forward?

Facebook is taking a number of important steps, and I’d recommend other companies consider them as well. However, at the end of the day, all of these privacy programs require customers to trust the companies, but that is in short supply today. That’s why Congress needs to pass a federal law with comprehensive privacy rules, so we can rebuild trust in the entire system.

Related Resources

  • A Conversation with Corey Dennis: As Director of Privacy and Counsel to PPD, Corey Dennis has been closely involved with the compliance tied to the company’s integrated drug development and life cycle management services.
  • A Conversation with Hugo Teufel: Hugo Teufel, chief privacy counsel at Raytheon, offers his insights on key privacy aspects that need to be addressed in the defense and aerospace sector.
  • Bloomberg Law Leadership Forum D.C.: The Bloomberg Law Leadership Forum D.C. brings our exclusive legal series for in-house counsel and law firm leaders to Washington, D.C.
  • Data Breach: Keeping Executives Up at Night: Bloomberg Law Regulatory & Compliance Team Lead Amanda Allen and analysts Mark Smith, Dori Goldstein, and Betsy Mountenay discuss the need for implementing an agile framework that takes into account the ever-changing terrain of the privacy and data security landscape.