ROI of Privacy: Building a Case for Investment [Webinar Slides]

1
vPrivacy Insight Series - truste.com/insightseries
© TRUSTe Inc., 2017
v © TRUSTe Inc., 2017
ROI of Privacy: Building a Case for
Investment
April 27, 2017

2
Today’s Speakers
Emily Leach
Content Manager
International Association of Privacy Professionals (IAPP)
Paul Iagnocco,
Senior Privacy Consultant, TRUSTe
& former Chief Privacy Officer, Kellogg
Eleanor Treharne-Jones (Moderator)
VP Sales & Consulting
TRUSTe
Laurel Strand
Senior Privacy Consultant, TRUSTe
& former Senior Privacy Analyst at Intel

3
Consumers actually will cross the
street for a little privacy.
Trust has an effect on your bottom line.

4
SOME STATS:
51%
Are very concerned about
privacy
*Forrester
74%
Have limited their online
activity due to privacy
concerns
*TRUSTe
83%Only use
websites/vendors they
trust
*National Cyber
Security Alliance
89%
Avoid using companies
that don’t protect privacy
*TRUSTe

5
Consumers actually will cross the street for privacy.
• Young people are concerned and paying
attention to privacy protections.
• Many don’t understand how or think it’s a futile
venture to try to protect privacy.
• Losing customer trust = losing their business.
• Establishing your company as a trusted steward
of customers’ personal information is a way to set
yourself apart.

6
Everybody else is doing it.
Don’t be that one. You know, the one without a privacy program.

7
SOME STATS:
50%
Have increased privacy
involvement on security
teams
*IAPP/TRUSTe
$1MOn average, what U.S.
multinationals plan to
spend on GDPR
compliance
*PricewaterhouseCoopers
75K
Estimated number of
DPOs needed worldwide
to comply with the GDPR
*IAPP
$354
What companies spend
on privacy globally per
employee
*TRUSTe

8
• What does your company spend on privacy
including salaries?
– Under 250k
– 250k - 500k
– 500k – 1m
– 1m – 2m
– Over 2m
POLL QUESTION

9
Everybody else is doing it.
• Apple’s stand against the FBI in San Bernardino
case
• Microsoft fights to keep data safe that’s stored
on Irish server
• Amazon pushing back on a search warrant for
Echo voice data
• Big Tech companies file amicus brief against
Facebook gag order

10
Knowledge is power – and a business
asset.
Data is currency, and you should protect it as such.

11
SOME STATS:
9%Marketers that sell data or
data services to
customers and/or
partners
*Forrester
£3,241The financial value U.K.
individuals put on their
data
*Western Digital
$800M
Data broker Axciom’s
reported revenue for 2015
*NPR
$240
The dollar value U.S.
consumers put on a SSN
*Aricent/Frog Design

12
• Data is the new oil
• Data as currency
• Data driven economy
• Every company is a data company
• Data brokerage is a $200B industry
Knowledge is power – and a business asset.

13
• How many people are working on privacy in your
organization (full time + part time)?
– 1
– 2 – 3
– 4 – 10
– + 10
POLL QUESTION

14
Avoid fines and sanctions.
Regulators aren’t out to get the good-guys.

15
SOME STATS:
130+
Spam and
spyware cases addressed
by the FTC in 2016
*U.S. FTC
€20M
Potential fine for violating
the GDPR or 4% of annual
revenue
*GDPR
$2.5M2017 HHS HIPAA
settlement amount with a
wireless health services
provider
*U.S. HHS
£350K
GA recent fine levied by
the U.K. ICO for a spam
violation
*U.K. ICO

16
Avoid fines and sanctions.
• “… the mere fact that a breach occurred doesn’t mean a
company broke the law … We don’t impose strict liability for a
breach. We don’t expect companies to be perfect.”
— Maureen Olhausen, U.S. FTC
• “With our enforcement actions, we will consider what steps were
taken beforehand, how cooperative the organization is and the
size of the breach.”
— Aileen Chia, Singapore PDPC
• “If an organisation can’t demonstrate that good data protection is
a cornerstone of their business policy and practices, they’re
leaving themselves open to enforcement action that can damage
their public reputation and possibly their bank balance. That
makes data protection a boardroom issue.”
— Elizabeth Denham, U.K. ICO

17
Funding.
Venture Capitalists are big on privacy.

18
SOME STATS:
$4MThe seed funding Privacy
Labs received to give
users control of internet
data
*TechCrunch
$350M
The decrease in Yahoo’s
purchase price after the
revelation of its data
breaches
*CNN
$35MAmount of VC funding
three online privacy
companies received in
2010
*WSJ
$2.7MFunding for
CheckRecipient to use
machine learning to
prevent breaches
*TRUSTe

19
Funding.
• In 2015, VC firm Andreessen Horowitz hired Ted Ullyot to
launch a new policy to help its portfolio companies navigate
state and federal regulations when developing new data-
fueled services.
• “It’s definitely part of our due diligence … when we have
companies that are storing customer data, like public cloud
services. What are they doing with data retention and
protection?”
— Steve Herrod, General Catalyst
• “Privacy is entering the conversation much earlier, and data
privacy is very strongly tied to the overall information
security. These are discussions at a very high level.”
— Ursheet Parikh, Mayfield

20
Data breaches cost a lot. And they’re
largely preventable.
It’s become almost inevitable, so be prepared!

21
SOME STATS:
26%
Likelihood of a breach of
10,000+ records in the
next 24 months
*Ponemon
$4M
Average consolidated cost
of a data breach
*Ponemon
36M+
Number of U.S. records
compromised due to a
breach in 2016
*IDT911
$450BWhat cyber crime cost
the global economy in
2016
*Hiscox

22
Data Breaches.
• Human error continues to be a major contributor to
data breaches
• Having an incident response team can reduce the
cost of a breach by $16 per capita
• Training employees can reduce that cost by $9 per
capita
• The biggest financial consequence from a breach is
lost business
• This is not going away

23
Questions?

24
Emily Leach emily@iapp.org
Paul Iagnocco piagnocco@truste.com
Laurel Strand lstrand@truste.com
Eleanor Treharne-Jones eleanor@truste.com
Contacts

25
Register now for the next webinar in our 2017 Winter/Spring Webinar Series
on May 23 “GDPR: DPIA & Data Breach Requirements – Assessing
Individual Harm”
See http://www.truste.com/insightseries for the 2017 Privacy Insight Series
and past webinar recordings.
Thank You!

ROI of Privacy: Building a Case for Investment [Webinar Slides]

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to ROI of Privacy: Building a Case for Investment [Webinar Slides]

Similar to ROI of Privacy: Building a Case for Investment [Webinar Slides] (20)

More from TrustArc

More from TrustArc (20)

Recently uploaded

Recently uploaded (20)

ROI of Privacy: Building a Case for Investment [Webinar Slides]