TRUSTe CEO Addresses the New Privacy Ecosystem

Much is being written as of late about the multitude of privacy issues that are cropping up in the wake of our increasingly prolific, personal data breadcrumbs. As we are tracked and understood by algorithms that seek to place us into neat, usable categories, the companies behind this monitoring continually look to new ways to dig deeper into that info—and acquire more personal details.

Consultants and privacy advocates have sought to construct best practices for analytics according to their own interests. At the same time, however, advanced tools for improving not only the scope of data mining—but the size and speed at which it takes place–have been proliferating.

To sort these matters out, it helps to look to an organization that has made a long-standing business understanding privacy concerns for a connected world. We checked in with Chris Babel, CEO of TRUSTe (former VP at VeriSign) to discuss what happens when big data compounds privacy concerns.

Chances are you’ve seen the TRUSTe logo on any number of websites as a “seal” of trust and verification. The company behind that stamp of approval, TRUSTe, is finding that privacy in the age of “big data” (driven by other privacy concern-generating movements like the shift to mobile and clouds) requires a refreshed approach to addressing privacy and policies for companies harnessing big data—and for the customers who are feeding these analytical platforms with personal data.

Chris Babel provides insight from his experiences working with privacy and policies at web scale:

How has privacy management evolved from the client-server days, through to the more modern era of clouds and now big data. (Make sure to read the second question before answering to ensure no overlap—these are separate questions).

This latest era of cloud computing and big data have increased the complexity of existing privacy management challenges and have also introduced entirely new challenges. The data that consumers give a company today may be stored or used by multiple third-parties. A single piece of data can sit simultaneously on servers in Singapore and Vancouver that are owned by different companies.

This model obviously requires that companies be able to trust these third parties with their customer data. Establishing that trust is a big challenge….How do you prove as a vendor or service provider that your privacy protections meet or exceed the company whose business you want to win?

This model also introduces international privacy challenges when data is stored, transferred and collected in diverse geographies. Most countries have unique data protection laws that companies must satisfy, and as a big data company, ensuring that your data flows are globally compliant is difficult to say the least. 

What has changed about privacy management in general since data sets have continued to get larger—is size really the problem? What is the “big data” problem specifically when it comes to privacy management that hasn’t existed already?

The size of data sets certainly present challenges, but the bigger problem revolves around data profiles and their privacy impacts. Every year companies are able to collect new types of consumer data and the inferences that can be drawn about data subjects with these more comprehensive data sets can be far reaching and potentially invasive.

Helping consumers understand this process and giving them meaningful choice over the use of their data in a “big data” ecosystem is one of the most difficult privacy management challenges companies face.  People have been talking about online targeting for 15 years, but it’s only in the last few years that precise and scalable targeting mechanisms have emerged. 

What markets do you expect to see coming on board with your services that you might not have had significant reach into—and again, where does the “big data” angle fit in?

In 2011, TRUSTe introduced privacy management products for mobile and cloud markets and we expect to see adoption grow significantly in 2012. Cloud and SaaS platforms present unique privacy management challenges given the complexity of data flows and ownerships.

Mobile platforms are also fast becoming “big data” generators and encounter the same first-party vs. third-party challenges privacy management challenges as its rare that you find a company delivering a mobile app or website these days without the involvement of third-parties for optimization or advertising capabilities. We carry our smartphones on our person and they’re always on, so they can collect a continuous stream of data about us. This trend will only increase in the future.

What makes a privacy management company successful with the new revolutions in computing?—In other words, what key, new technologies have evolved to meet the privacy demands of the new era of IT (cloud, big data, etc).

Advanced crawling and opt-out technology have enabled us to bring transparency to the complexities of big data markets and to empower consumers to exercise choice over their data. This transparency is beneficial to both businesses and consumers: it helps businesses better control their data flows and data collection activities, and it helps consumers make informed choices.