Privacy Is Your Business

What's the payoff for CIOs becoming privacy champions? Better business, more secure IT and a higher corporate profile.

By Susannah Patton
Tue, June 01, 2004

CIO — In September 2002, the Department of Defense asked JetBlue Airways to hand over more than 5 million passenger records. The airline, known for its discount fares and leather seats, promptly complied with the request, releasing names, telephone numbers and travel itineraries to a DoD contractor.

JetBlue’s CIO at that time, Jeff Cohen, didn’t hear about the request; the DoD went directly to the company’s marketing department, bypassing IT altogether. Cohen discovered months later that the airline had released passenger information in violation of its own privacy policy.

JetBlue now faces class-action lawsuits filed by outraged customers and potentially millions of dollars in settlements or awards. Cohen has since left the airline, but in retrospect he says that he and other top executives should have been involved in the decision to turn over such sensitive passenger data. "Everybody in a leadership position at JetBlue who had anything to do with data should have known about that request," Cohen says.

JetBlue’s saga is a cautionary tale for corporate America, which is increasingly using powerful data mining software and surveillance technologies to gather personal data and track movements of customers on and offline. One of the lessons learned is that CIOs would be wise to play a more central role in the shaping and enforcing of data privacy policies. As the guardians of data, CIOs are uniquely positioned to understand how customers and privacy advocates could view data collection and mining as intrusive. CIOs may not always make the final call on who gets access to customer data?top management will often issue such decisions?but they must do more than oversee data collection; they must reposition themselves as the champions and advocates for privacy. If they don’t, what’s to stop their company from becoming the next JetBlue?

CIOs can become privacy champions by initiating a formal process for data access and educating themselves about new regulations and technologies that can help protect data privacy. They can insist that their companies tell consumers how their data is used and how the latest technologies can track their habits. As marketers search for more information on customers to personalize sales and services, CIOs can secure for themselves a more strategic role by championing data integrity and facilitating the governance of what’s becoming every company’s most prized possession.

"When it comes to data privacy, as a CIO, you are the steward of it all," says Tim Buckley, CIO of the Vanguard Group. "You can’t sit back because it gets tougher each year. More and more people are going to want access to your data."

Continue Reading

Our Commenting Policies