A decade ago, long before the Internet was a robust commercial medium, I started writing about online privacy issues. At the time, legal colleagues told me that, while the issues were interesting from an academic standpoint, they had no real world application. They encouraged me to focus on "real" upcoming problems, like Y2K.
Undeterred, I explained that there would come a time when good privacy meant good business, and bad privacy meant horrible business. That time has arrived.
Indeed, the 2007 Privacy Academy put on by the International Association of Privacy Professionals (IAPP) that just took place in San Francisco demonstrated the absolute fact that privacy issues are of paramount importance to businesses, government, educational institutions, and of course, individuals.
Hundreds of privacy and security professionals from around the nation attended the Privacy Academy. Sponsors included companies in the technology sector, such as Dell, more traditional companies like Chevron, and professional service firms such as Deloitte, Ernst & Young, and PriceWaterhouseCoopers. The vast array of exhibitors, which included software companies Camouflage Software, Inc., HiSoftware, Inc., and Princeton Softech, Inc., and TRUSTe - an online privacy seal organization - demonstrated the urgency of fulfilling privacy protection and the rush to market to come up with solutions.
As technology has advanced, the world has become smaller, and frankly more invasive, when it comes to the potential for revealing personally identifiable information without permission. Privacy and security breaches can happen in a number of different contexts.
It is for that reason that the Privacy Academy, which hosted numerous breakout sessions over the course of three days, covered issues that arise in a variety of sectors, including financial services, marketing, healthcare, retail, government, human resources, children, higher education, international and technology.
The Privacy Academy not only identified problem areas, but participants also engaged in dialogue in terms of how to develop best practices to avoid privacy problems, and ways to cope with problems when they do occur.
Once upon a time when I first started writing about privacy issues, we were familiar with the titles CEO and CFO, but there was no such thing as a CPO. Well, here we are in 2007, and the Privacy Academy was chock full of Chief Privacy Officers who are seeking to develop workable privacy policies and practices for their respective companies.
Privacy is like oxygen. You don't really pay attention to it when you have it, but when it is gone, the problem is immediate and real. By now, we all have read about security breaches that have revealed private details about thousands of people. This not only impacts the affected individuals, but it hurts the reputation, brand and share price of the companies subject to the breaches, and can lead to private litigation, government investigations, and the payment of damages and penalties.
Y2K has come and gone without much lasting effect. But privacy protection has become a real world industry of its own, as shown by the recent Privacy Academy, and for good reason.
Companies that are respected for safeguarding private information are rewarded with loyal customers, not to mention the fact that they avoid the expense and burden of bad press and legal and governmental proceedings.
Eric Sinrod is a partner in the San Francisco office of Duane Morris LLP where he focuses on litigation matters of various types, including information technology and intellectual property disputes.
His website is http://www.sinrodlaw.com and he can be reached at [email protected]. To receive a weekly email link to Mr. Sinrod's columns, please send an email to him with Subscribe in the Subject line.
This column is prepared and published for informational purposes only and should not be construed as legal advice. The views expressed in this column are those of the author and do not necessarily reflect the views of the author's law firm or its individual partners.