Privacy issues: getting noticed; Privacy has become a bottom-line business issue, and companies around the globe are seeing value in ramping up compliance efforts to enhance their marketing, brand and image.

• Author: Heffes, Ellen M.
• Position: Privacy - Alan Westin, publisher of Privacy & American Business - Interview

Driven by the Internet, sophisticated marketing practices, legislation and regulation, privacy issues have taken on new prominence, both in the U.S. and internationally.

A lapse in the handling of customer or employee information could cost companies dearly, not only in dollars (in lawsuits), but also in reputations and subsequent customer loss. Yet while most U.S. companies follow the law, only about 5 percent of the largest U.S. corporations seem to demonstrate a "strategic" view of privacy, by creating a management position for the implementer of policies, the "chief privacy officer (CPO)." Growth of the role came to a screeching halt amid budget cuts following the early 2000 recession and 9/11. That may be changing.

Financial Executive Managing Editor Ellen M. Heffes spoke to Alan Westin about the nature of privacy issues impacting business. Dr. Westin is co-founder and publisher of Privacy & American Business, a publication of the Hackensack, N.J.-based Center for Social & Legal Research, for which he leads the activities, and Professor of Public Law & Government Emeritus at Columbia University.

Q While privacy has long been a business concern, it's recently take new prominence. What has sparked this greater interest for businesses?

AW: Yes, privacy has been a business concern for a decade or more, but recently three things are driving it. One is identity theft and its enormous impact: Surveys show that between 33 and 38 million persons have been victims of identity theft.

Second, a significant number of people online are upset about so-called "spyware" and [other] monitoring functions. They read about "footprints" [and that] their identities and information can be harvested and misused. So, there's a feeling that the Internet is not a safe place to be.

The third is huge new regulatory [changes] in the last five to seven years in the financial services industry with GLBA (The Gramm-Leach-Bliley Act, or The Finance Modernization Act of 1999, which replaced the Glass-Steagall Act). People now receive notices telling them what [information] is being collected, and they are given certain choices.

Now, marketing to acquire customers or get them to purchase more services is impacted by a major federal regulatory system. So, financial-services businesses must pay serious attention to privacy because of both regulations and the threat of civil litigation issues.

All of the major industries that deal with consumer relations have been impacted by privacy regulation--telecommunications, financial-services, health and medical--and if you're online in any industry, privacy is relevant. Take health, for example. Driven by privacy rules under HIPAA (The Health Insurance and Portability Accountability Act), every doctor or dentist, pharmacy or hospital handling health data-processing is now knee-deep in regulations [and responsible for] privacy notices.

These [notices] have intensified the concern about privacy, and...