Recently, IBM formed a first-of-its-kind Privacy Management Council, consisting of several large-enterprise customers and IBM executives, to examine the technologies and management practices that will be needed to protect consumer privacy in the e-business environment of today and tomorrow. Named to head the council was Harriet Pearson, IBMs chief privacy officer. eWeek Executive Managing Editor Jeff Moad connected with Pearson recently to discuss the privacy policy challenges that IT managers can be expected to face.
eWeek: What barriers to adequately protecting customer privacy will enterprises face tomorrow?
Pearson: I think the question is, How do you do a better job in terms of being more efficient at it and spending less to do it? [For example,] if you go to any one of our 4 million IBM Web pages where information is collected, youre given a choice to opt in or out. How do we implement that opt-out in an organization such as ours, which is incredibly big with lots of Web sites and lots of databases behind those Web sites? … The execution of it needs to improve in its efficiency and cost-effectiveness.
eWeek: Will all enterprises eventually need to have a chief privacy officer in order to protect customer privacy?
Pearson: Clearly it doesnt have to be called chief privacy officer. But all organizations sooner rather than later will need to have someone to look at information policy and usage questions. Especially if youre a company doing business internationally, if only to look at employee privacy issues. If youre dealing with consumers, you really need to look at this issue. What it ought to start with is senior management looking at it, determining whether they need a strategy that is compliance-oriented or perhaps more than compliance- oriented. … But clearly the time for having someone looking at these issues has been upon us for several years now.