No, privacy is not just a lawyer’s job.

Written by
Francesco Perrone
from
Game Analytics
-
November 3, 2022

The game-changer

When was the last time in history we had such a perfect storm of technological advancement, new market segments, further legal & compliance requirements and the vital need to adapt to a completely new standard of ethics and transparency? 

Privacy-related regulations, directives, laws and standards caused an unprecedented cultural disruption, forcing thousands of companies to update their well-oiled business models, with a great impact on countless day-to-day activities. 

From this point forward, each and every user, consumer and parent understands that nothing is for free, as we erroneously used to believe, and our personal data not only has a value but may also be subject to abuse and exploitation - with potentially severe consequences.    

Is nowadays’ companies obliged to choose between revenue vs. compliance, profit vs. ethics or investors vs. transparency? Not at all. Investments in privacy and security encourage innovation and “when viewed as a core business priority and a component of trust, can drive business outcomes, increase consumer loyalty, improve brand perception and lead to higher earnings"[1]. (Palia et al., 2022).

From a ROI standpoint and as depicted in the Cisco Data Privacy Benchmark Study 2021 [2], the average company gets a return 1.9 times its spending (Cisco Systems, Inc., 2021).

The ideal approach

What is the most effective way of filtering down this new way of working and ensuring that marketing, HR, product, engineering, business development, customer success and all other business functions that handle personal data ask themselves the right questions before taking any action? 

Steve Jobs, during his famous interview [3] about managing people, said: “You know how many committees we have at Apple? Zero! We have no committees” (Steve Jobs Talks About Managing People, 2010). 

The idea of having a flat hierarchy, a strong shared vision and assigning clear ownerships to each leader without any worries, certainly allows organizations to maximize resources, investments, creativity and retention - both in terms of clients and inhouse talents. 

However, unfortunately when something is ideal, rarely can it be directly applied into reality. That and also most companies don’t have a Steve Jobs in charge or Apple’s resources and legacy.

We all undertake our business (or to put it better, our limited set of tasks and activities) through our own very biased lenses, claiming we possess the one and only truth about what works best to control human mechanisms and economic cycles. One of the biggest challenges and, in some cases, struggles of a lawyer or counsel is trying the very best to not be perceived as a blocker or “naysayer”, policing the business and constricting growth. 

On the other hand, other business functions are rarely exposed to the same number of ethical dilemmas, often stemming from  a constant friction between innovation and a fast-changing regulatory framework, due to the attempt to cope with new scenarios and technologies.  

Legal counsels as ethical leaders

One of the most effective and reasonable ways of supporting a business and its success is to step back, leave behind prejudices and start to conceive the changing legal trends as an opportunity to develop competitive advantage by raising the awareness within an organization and leveraging trust with old and new customers.

However, how exactly are privacy counsels and lawyers supposed to apply principles and values to an increasingly technical environment that they know so little about? 

Sometimes, in order to affect change, hands must be dirtied. In-house legal professionals must now evolve and reinvent themselves as mediators and hybrid figures who are qualified to understand the business. They need to learn its complexity and apply the provision of the law to market imperfections. Doing so will ultimately boost revenues, growth and, most importantly, trust.

It would be sufficient to hire a brilliant legal team to successfully acquire a competitive edge on your business rivals, right? 

Wrong. There are plenty of examples when hyper-qualified teams of lawyers were engaged to set up a strong foundation for a business, ensuring 100% compliance. 

But one-hundred-percent-compliance exists only in sales pitches. The basic mistake of such an approach is trying to apply an external and predefined solution to a unique business environment with its own peculiarities, without making any effort to understand internal dynamics, single personalities, company politics and industry necessities. 

What Steve Jobs suggested is definitely the way. But, in order to achieve tangible results, the legal function must act as an ethics catalyst, creating a strong internal network of ambassadors that advocates principles and values throughout the business. This must be initiated by the executives and then instilled in each single team, deep-diving into actual tasks and developing a thorough industry understanding - with an empathic connection with the rest of the organization and its ecosystem.  

Where do we stand now?

No, privacy is not just a lawyer’s job. To achieve such a level of awareness and open-mindedness, the effort must be granular, comprehensive and, above all, mutual. The most immediate goal is to ensure that everyone working with personal data or confidential information can independently identify privacy and security risks within their area and can answer some of the questions that arise in this regard themselves or, if any ambiguities emerge, contact their DPO or legal department in a timely manner.

Committees and task forces may not be needed anymore once such an awareness is achieved and the maturity level of an organization is robust enough to pursue its objective in a sustainable way.  

But until this happens, there are a number of initiatives that leaders and legal professionals must pursue to establish the right balance between a genuine sense of ownership and a smooth collaboration culture; these initiatives including awareness campaigns, proactive technical in-depth studies and… yes, dedicated committees, working groups and ethics ambassador networks, especially in a remote working era. 

Viewing privacy and security from the perspective of ethics can help enterprises establish and improve their economic sustainability [4], as seen as a company's ability to continue its operations over a long-term horizon, ensuring adequate resources, workers, and consumers for its products into the distant future.

Ethics is key in today's business environment and forward-thinking companies are required to shape influential ethics ambassadors who are authoritative and open-minded enough to ensure the permeation of those principles and values into the day-to-day projects and initiatives.

Notes:

[1] Palia, A., Mathis, C., Nieters, D., & Gonzales, R. (2022, August 23). Privacy: An organization's responsibility for building trustworthy systems. International Association of Privacy Professionals. Retrieved October 28, 2022, from https://iapp.org/news/a/privacy-an-organizations-responsibility-for-building-trustworthy-systems/

[2] Cisco Systems, Inc. (2021). Cisco Data Privacy Benchmark Study 2021. In Forged by the Pandemic: The Age of Privacy. Cisco.com. https://www.cisco.com/c/dam/en_us/about/doing_business/trust-center/docs/cisco-privacy-benchmark-study-2021.pdf

[3] Steve Jobs talks about managing people. (2010, June 12). YouTube. Retrieved October 25, 2022, from https://www.youtube.com/watch?v=f60dheI4ARg 

[4] Grant, M. (n.d.). What is Sustainability? How Sustainabilities Work, Benefits, and Example. Investopedia. Retrieved October 28, 2022, from https://www.investopedia.com/terms/s/sustainability.asp