Google, Microsoft teams work to keep pace with privacy laws
The companies offered a glimpse at the work required to try to stay on top of data privacy issues
IDG News Service - Executives from Microsoft and Google on Thursday gave a glimpse into the size of their privacy organizations, which are required for the companies to try to avoid running foul of complicated U.S. privacy regulations and prepare for changes coming to privacy laws around the globe.
Microsoft has 40 people fully dedicated to working on privacy issues and another 400 who might spend some time on privacy, said Michael Hintze, associate general counsel at Microsoft. He spoke Thursday during a Law Seminars conference in Seattle.
Google has a team of about 60 engineers fully devoted to privacy, said Keith Enright, senior privacy counsel. They work across all of Google's products. At Google, the engineers work on developing products and then the legal team steps in to examine them, he said.
In addition to its privacy engineers and legal pros, Google also now employs Anne Toth, formerly Yahoo's chief trust officer, who oversees privacy in Google+, Enright said.
The size of the teams is an indication of what's required today to keep pace with data privacy issues, said Kate Spelman, an attorney with Cobalt LLP. "People used to believe you could dip into privacy issues now and again," she said. "We've decided that's not possible any more. There is no ability to dabble in privacy." Instead, companies are hiring lawyers who are dedicated to handling data privacy.
The privacy experts at the companies spend a lot of time navigating U.S. laws. Many people bemoan the lack of a single data privacy law in the U.S., because the country has many privacy regulations, but not one overarching directive like the one in Europe, Hintze said. U.S. regulations tend to be targeted at vertical industries, such as health care.
The European Union has a data privacy directive that informs the individual laws in the 27 member countries. "We spend a lot of time answering questions from regulators in Europe and dealing with a lot of claims of noncompliance," Microsoft's Hintze said. "But at the end of the day, there's not a lot of enforcement activity."
By comparison, there are many class-action lawyers in the U.S. "just salivating" over privacy suits, he said. While they haven't been very successful, they have brought a lot of actions, and that has created negative publicity for a lot of companies, he said.
Hintze joked that the people who enjoy the best privacy protection in the world are European consumers dealing with American companies. That's because American lawyers tend to follow the letter of the law, while "Europeans, not so much," he said.
Hintze is keeping a close eye on a major review of the European data privacy directive that is in the works. While there was some hope that the review might bring U.S. and European laws closer, a leaked early draft of the updated directive indicates that it is likely to add tougher restrictions than the current version. But the final, revised directive is unlikely to be finished for a couple of years, he said.
- Path Selection Infographic Path Selection Infographic
- Hyperconvergence Infographic A wide range of observers agree that data centers are now entering an era of "hyperconvergence" that will raise network traffic levels faster...
- Preparing Your Infrastructure for the Hyperconvergence Era From cloud computing and virtualization to mobility and unified communications, an array of innovative technologies is transforming today's data centers.
- How WAN Optimization Helps Enterprises Reduce Costs If you wanted to break down innovation into a tidy equation, it might go something like this: Technology + Connectivity = Productivity. Productivity...
- Cloud Knowledge Vault Learn how your organization can benefit from the scalability, flexibility, and performance that the cloud offers through the short videos and other resources...
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users? All Legal White Papers | Webcasts