Protecting data

January 25, 2023

How to future-proof your privacy program: A step-by-step guide


Historically, privacy’s been thought of as a cost center, the place good ideas go to die, or, at the very best: a compliance function that product simply has to deal with. It’s a place where the software lifecycle slows down, sometimes to a halt. Add to that the constantly changing regulatory landscape we find ourselves in, and managing an effective privacy program with the agility to keep up can feel impossible.

But if you build your program around foundational principles and you find the right cross-functional allies, you can insulate yourself from chaos-inducing changes.

In this three-part series, we’ll talk about how to future-proof your privacy program, starting with your approach to the business, and ending with the processes you can automate so you can do your job efficiently.

In a recent IAPP webinar, Ruby Zefo, Uber’s first and current CPO, and Chris Handman, COO at TerraTrue, discussed how they did it.

How to approach the sell

Zefo had an easier time than most getting buy-in from her colleagues and bosses because she walked into the office in July 2018. In the summer of 2017, Uber settled with the FTC over its “God View” feature, among other mistakes. In 2016, it paid hackers $100,000 after a security breach exposed 57 million Uber customers’ personal data. And the list goes on, dating back to 2011. And Uber was aiming to IPO as soon as possible, in a race against its competitor, Lyft.

So when Zefo got on the scene, she was most welcome.

“I came in thinking I'd be wearing my sandwich board around, ‘Will work for food,’ but that wasn't the way it was at all,” Zefo said. “They were just desperate to have me and so happy. I was able to move quite quickly into tactics and getting things going versus selling why it's important all the time, which all of us have probably had to do at some point in our careers. ‘Why is this important?’ You spend a lot of time getting that mind-share. I was able to skip that here at Uber, which was really helpful.”

But that also meant the pressure was on.

“When I came to Uber, it was in the throes of some pretty well-known problems,” Zefo said. “We were going to go IPO. Another one of those situations where I had to move very quickly to build something.”

While she may have had buy-in from the top down, she faced the same problems many privacy professionals do when the task is to revamp or rebuild, or build for the first time, a future-proof privacy program.

“You can do as much due diligence as possible, but you never really know what you're going to get till you set foot in a place,” she said. “I didn't really know. I did enough due diligence to know that they were pretty serious about turning this ship around in an ethical way, and there was a lot of evidence for that, but you don't know.”

Like Zefo, Handman came into a crisis situation. It was 2014, and Snapchat had just entered a consent decree with the FTC for privacy missteps. It needed to ensure it could withstand 20 years of audits without issue, and Handman had to create a program that was future-proof enough to do the job.

“I will say I was benefited a little bit by coming in with an FTC consent decree because nothing focuses the mind of your executive team like an FTC consent decree,” he said.

Like Zefo, he didn’t have to wage a lot of the same battles that you might have at other early-stage companies to persuade people about the importance of developing a privacy program upfront. But he was employee 55, and there certainly wasn’t an emphasis on reviewing code to do privacy right.

How to turn the proverbial ship around

As we all know, messaging matters. Storytelling can be important to help stakeholders understand the importance of what you need them to do to help the collective cause. And that messaging requires some tact, Handman said. Your opening pitch can’t sound like a mandate.

Sure, in cases where a consent decree is breathing fire down your neck, coming in hot with a rule-based system might or packaging privacy as a set of necessary mandates might work. But in most cases, it’s about positioning privacy as a net win.

Handman said the message should frame privacy as enhancing both the product and the user experience. You should portray yourself as part of the product design team with a unique viewpoint to share, just as a UX designer would come in with their own views about how to build the product.

“You're bringing [a perspective]that's going to be representative of the voices of consumers, of lawmakers, regulators, all of whom matter as we think about these things,” Handman said. I think that packaging actually made people sit up and think, "Oh, one: This is a lawyer who's talking in a different language that actually feels accessible and understands what we're trying to accomplish. Two: they're not coming in as a roadblock. They're trying to understand how we can make this work. Three: They get the sense of, ‘Oh, this is actually something that we can get behind." You're appealing to their product sensibilities. I think no one wants to do bad. There are very, very few bad rogue actors who want to go out and violate privacy. Most people want to build a great product in a way that feels protective of people's autonomy.”

“It's like a first date,” said Zefo. “You don't just launch into the rules. You don't just tell your date not to leave the toilet seat up the first thing out of the box. You've got to warm these people up. You've got to get to know them. You've got to understand how they communicate best, what their risk tolerance level is — which is super important — and find some common ground to build trust. I've had trust that has been built over a Cuban sandwich, over my tolerance for very fast driving, because I had a client who raced Ferraris. It’s about humor in intense situations. There are all kinds of ways to do that, and of course, going the extra mile.”

Zefo said the first action should be getting to know the person you need to work closely with and figuring out what a good experience looks like for them, just like you’re focused on a customer experience. Think of that person like your customer.

“Be a Steve Jobs,” she said. “Help them understand this is something that they didn't know they need, but now you know, and so how do you build that into the products from the ground up? I think that helps you grow your scope, too, because now you're doing all kinds of things they hadn't actually imagined when they hired you.”

Use analogies when you can

Analogies are helpful for describing a concept as heavy as data privacy. Zefo likes to use one about cars and airbags.

“I've often said innovation doesn't slow you down,” she said. “You want airbags in your car. Even if you have a Tesla or a Ferrari, you don't say, ‘The airbag's ruining my design, slowing me down.’”

Sometimes, she’ll bring a picture of a person in a fast car to important meetings. When she’s asked why they’re looking at someone with their cheeks blowing in the wind, living it up, she explains, "Well, you see the guy having a great experience. What I see is a padded roll bar, a five-point harness. He's got all of these safety features, which I can see in that car, and those are the things that he saw when he got in, and then he forgot about them and enjoyed the ride."

Like the illustration shows, once the driver knows the controls are there and they feel safe with the experience, they sit back and enjoy. Similarly, establishing privacy controls allow the user to enjoy the ride – that being, using your product.

Handman uses an analogy of his own, though similar.

“The race car must be a very common analogy,” he said. “If you're moving fast, trying to develop a product, there's a lot of ways in which you need to slow things down. You could put up a wall, or a gate, or a roadblock, which no one likes, or you can build a better braking system into the actual fabric of the way the cars are built. These Formula 1 cars can go super fast, but the reason they can and still slow down is because they have incredible brakes that have been thought through with the engine. You don't just think about building a fast car without thinking about how to slow it down. You think about it as one integral whole.”

Think and talk about privacy as woven into the fabric of the software development lifecycle in a way that it's a natural extension of the way you build your products. The alternative is viewing it as an adjunct that's bolted on at the end, or a check that the product has to go through at the last minute.

“Again, analogies only go so far. You then have to execute,” Handman said.

But there are dividends to be had once you’ve executed.

Once you've turned that corner,” Zefo said, “they invite you to everything because you're fun to have around, you're smart, you're helpful, right?”

So now you’ve got some operational guidance on how to approach future proofing your privacy program with cross-functional buy-in. In part two of this three-part series, we’ll talk about the specifics of future-proofing your program using privacy by design.

If you prefer to consume information you cause use visually, check out the full webinar, featuring Ruby Zefo, Uber’s CPO, and Chris Handman, COO at TerraTrue.