Executive Suite's Understanding of Privacy Critical, Panelists Say
Making sure that executive suite members understand the privacy landscape is key to ensuring companies stay proactive and in compliance, said panelists at a privacy risk event Tuesday. During another panel, the executive director of the California Privacy Protection Agency (CPPA) discussed how it's helping raise awareness of privacy issues with businesses. Compliance vendor DataGrail sponsored the event.
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
Randy Wood, vice president and associate general counsel at Cricut, which makes cutting machines, said it’s sometimes hard to get executives to understand the privacy landscape.
It’s often thought that “the privacy police are [only] pulling over cars with tinted windows,” and “everyone's driving 20 miles over the speed limit,” said Wood. But recent events show privacy authorities are watching large and smaller companies.
“We can't just have liability insurance,” Wood added. Exposing non-privacy professionals to privacy issues “has moved the needle more than it has in years past.”
Jennifer Dickey, data privacy associate at the Dykema law firm, said going through tabletop exercises can help deepen the understanding of risk. “Once leadership sees how disruptive a single privacy claim can be, they start to understand why proactive processes really matter,” she said. “It stops feeling theoretical and starts feeling operational.”
In addition, expanding privacy conversations beyond the legal team to other parts of a company is also helpful, said Anna Rogers, senior privacy analyst at financial consultancy nCino. Dickey agreed that “breaking privacy" from "its silo” is useful.
Other speakers praised privacy guardrails, noting that safeguards are necessary for innovation (see 2510210035).
On another panel, CPPA Executive Director Tom Kemp noted that one of its goals is “raising awareness of our landmark privacy laws.”
In addition to various enforcement actions shining a light on key privacy issues, the CPPA will be "evangelizing" in the business community, raising awareness and visibility concerning newly passed regulations, Kemp said. These include the Delete Act (see 2310110067), and others (see 2510080054).
The CPPA plans to “have information sessions to provide more details on how businesses can operationalize these regulations,” said Kemp: There will be a campaign “that will educate Californians about their privacy rights as well.”
Kemp's recommendation to businesses "is, first and foremost, actually wear the consumer hat,” he said. "Can a consumer easily exercise their privacy rights” on your website?
“If you actually take a consumer-centric approach" to your site and "enable consumers to frictionlessly exercise their privacy rights, you're going to get benefits from it,” Kemp added. “Transparency should not be seen as a burden, but as a way to strengthen your brand and align with increasingly growing consumer expectations.”