1 / 16

Privacy @ IBM

Harriet P. Pearson Chief Privacy Officer IBM February 7, 2003. Privacy @ IBM. THE CHALLENGE. (Why Focus on This Issue?). BECAUSE PRIVACY IS A STRATEGIC IMPERATIVE.

cartera
Download Presentation

Privacy @ IBM

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Harriet P. Pearson Chief Privacy Officer IBM February 7, 2003 Privacy @ IBM

  2. THE CHALLENGE • (Why Focus on This Issue?) BECAUSE PRIVACY IS A STRATEGIC IMPERATIVE Must address in order to build an environment where individual concerns are respected and protected, and information flows safely and securely between businesses.

  3. Privacy is about sustainable, long-term relationships • Customer Trust: Do I trust IBM as a company to do business with? • Employee Trust: Do I trust IBM as my employer? • Government Trust: Can organizations that handle information maintain trust? • Citizen Trust: Am I comfortable interacting with the “information society"?

  4. Good privacy needs good security • More people see them as the same • Co-existent relationship; not mutually exclusive • Can have good security without privacy • Can't have good privacy without good security

  5. Privacy is not a trend, it's a GLOBAL reality • It's not new. • But it's complex • It's here to stay • Internet revolution is at best 10% complete • Number of users / 3-5 years expect 1 billion people using the Net • Chips / 10X in 5 years • Computing power / 10X in 4 years • Storage / 10X in 6 years • Content / 3000% more data collected over next five years

  6. Privacy is not a trend, it's a GLOBAL reality

  7. Privacy is an issue of behavior, not technology... • Effective privacy policies are a starting point • But execution is the imperative • Need a management system for privacy -- MSP!

  8. But privacy IS about technology as well... • New technologies being developed to help users define privacy preferences • e.g. P3P • And enterprise privacy management can be improved/automated using technology • e.g. Tivoli Privacy Manager, Zero Knowledge Enterprise Privacy Manager

  9. Privacy at IBM • Internal • IBM proactive since the 1960s--first company to adopt global policy • Dedicated Chief Privacy Office leads privacy team worldwide

  10. Internal Privacy Organization Privacy Executive Council Privacy Management Team (Lead: Pearson) Geo CPOs HR Marketing BT/CIO Gov’t Programs Legal Comm’n & Links to: Business Controls/Internal Audit Security Server and Other Product Groups Research Tivoli IGS

  11. CPO Objectives • Create organizational structure to implement privacy strategy • Privacy Management Team • Management System for Privacy (MSP) • Inform and support Executive Privacy Council • Intranet site and other communications • Use technology, business controls to drive implementation • Unify technology and research efforts • Engage in policy discussions internationally

  12. Issue-Specific Policies and Initiatives Issue-specific Corporate Instructions HR Personal Data Web Personal Data Business' Personal Data Data Security Detailed Implementation Guidelines for example, notice, opt-out/opt-in language, system design guidelines, 'back-office' processes, enforcement mechanisms, etc. All Available on Dedicated Intranet Site

  13. Privacy at IBM • Privacy Research Institute • Established November 2001 • First of kind initiative • Worldwide initiative to enable privacy in e-commerce, including e-business, pervasive and mobile computing, knowledge management, and intrusion detection • Input and guidance from an international External Advisory Board of technology, government and policy experts

  14. Privacy at IBM • Privacy Customer Council • Established November 2001 to gather input from marketplace • Work hand-in-hand with IBM to address and define emerging needs and next-generation Tivoli privacy management software • Founding members include Deloitte & Touche, Fidelity Investments, U.S. Department of Commerce, Travelers Insurance, Marriott International, T. Rowe Price, Novant Health and TELUS

  15. Privacy Solutions • Enterprise Privacy Architecture • A business approach to privacy • Methodology supporting technology • An architecture for privacy solutions • A common framework to build privacy into business processes • IBM is helping customers drive privacy preferences, regulatory requirements and business needs deep into enterprise infrastructure • Trusted e-business

  16. Privacy Solutions • Enterprise Data Management Software • Enable enterprises to leverage PII (Personally Identifiable Information) while ensuring protection of customers' individual privacy. • Tag/classify PII data (non-invasively) • Record privacy policy associated with each type of data • Record which policy is in effect at the time a user submits data • Monitor/enforce submission/access to PII • Report on access to data and compliance with privacy policy

More Related