The best privacy advisers in 2007

1 2 3 4 Page 4
Page 4 of 4

Larry Ponemon, head of the Ponemon Institute, agreed. “The biggest source of demand for privacy advisory services will be helping to navigate regulations.”

The lingering effects of the war on terror caught the attention of Ed McNicholas, head of the privacy practice at Sidley Austin. "The privacy impacts of antiterrorism programs — and the potential liability of corporate America for such programs — will continue to be a predominant issue for years to come," he said. But others also see trends in the marketplace posing new challenges to corporate privacy programs.

“I think more companies will start to realize over the next couple of years that legal compliance alone won't be enough to retain their customers' trust,” said Richard Purcell, head of Corporate Privacy Group.

“I anticipate a significant upsurge in companies embracing new media technologies,” said Justine Gottshall of Wildman Harrold, “and needing to address the privacy, security and related compliance issues that are inherent in utilizing new media to its fullest potential.”

Stu Ingis of Venable agreed. "New media advertising is beginning to become mainstream, and household brands will race to understand how to utilize these services while staying within legal and self-regulatory accepted practices."

“As wireless applications continue to develop and technologies further converge, new questions will arise about protecting privacy in a wireless world,” added Alisa Bergman of Venable.

With stepped-up legal enforcement, more visibility on corporate-to-government data sharing, and new technologies impacting privacy, Rena Mears, head of Deloitte's privacy practice, sees “a growing need for integrated solutions incorporating risk identification, governance, operational controls and technologies.” What will these solutions look like?

Jim Koenig, co-leader of PwC’s privacy practice, thinks major organizational changes are part of the solution. "We see a trend where CPOs and chief compliance officers are working together to build privacy, security and identity theft prevention into larger, integrated, global risk-management frameworks."

So. if you're one of the companies I contacted for the survey that didn't have someone in charge of privacy, you may be playing catch-up in 2008.

Jay Cline is a former chief privacy officer of a Fortune 500 company and now president of Minnesota Privacy Consultants. You can reach him at cwprivacy@computerworld.com.

Popular privacy-law practices

For the second year, corporate privacy professionals said Hunton & Williams was their top choice among law firms with privacy practices. Many of the top vote-getters have bolstered their incident-response and international-compliance practice areas since 2006.

Firms

Voting Tier*

Privacy FTEs on Staff**

Key Practice Areas***

Hunton & Williams

I

24

• Global data protection

• Information security and incident response

• Financial, health and workplace

Venable

I

10

• Incident response, audits, compliance

• Legislation, investigations and litigation

• International data protection

Baker & McKenzie

I

60

• Global compliance and data transfers

• Offshoring, outsourcing and third party

• Direct marketing, e-commerce and technology

Wiley Rein

II

5

• Health care and financial services

• Overall privacy assessments

• Privacy investigations and litigation

Privacy & Information Management Services

II

2

• International data protection

• Targeted marketing

• Privacy assessments and incident response

Morrison & Foerster

II

20

• Privacy and data security advice

• Technology and sourcing transactions

• Litigation and dispute resolution

Field Fisher Waterhouse

III

8

• Global privacy compliance

• EU data protection and security

• Binding corporate rules

Covington & Burling

III

15

• Global compliance audits

• Security legislation and incident response

• New media and online advertising

WilmerHale

III

7

• International compliance

• FTC and U.S. state compliance

• HIPAA, GLB and COPPA compliance

Sidley Austin

III

21

• Data breach and information security

• Global data protection audits

• Workplace, sectoral and national security

Faegre & Benson

III

12

• Global compliance and data transfers

• E-commerce and direct marketing

• Financial, health care and employee

Cabinet Gelly

III

1

• European and French data protection

• International data transfers

• HRM and CRM system compliance

Hogan & Hartson

III

25

• Privacy and security audits

• International compliance

• Financial and health care

Wildman Harrold

III

13

• New media and marketing

• Compliance assessments and implementation

• Breach prevention, response and litigation

Based on 393 responses to the question, "Which law firm has the best privacy practice?"

*Voting Tier I = over 10% of votes cast; Tier II = 5% to 10%; Tier III = 1% to 4%.

**Firms estimated their full-time equivalents working on privacy and provided links to staff bios to corroborate.

***Firms volunteered their key practice areas.

Top privacy audit and consulting firms

The Big 4 audit firms topped the nonlaw firm list for the second year, although Booz Allen and several smaller firms newly joined the rankings. Privacy-compliance and privacy-program creation were commonly cited practice areas in this group.

Firms

Voting Tier*

CIPPs on Staff**

Key Practice Areas***

Ernst & Young

I

36

• Regulatory compliance and risk assessment

• Vendor risk management

• Privacy audits and assessments

Deloitte & Touche

I

54

• Global strategies and programs

• Governance, operations and technology implementation

• Audit, compliance and incident response

PricewaterhouseCoopers

I

25

• Global regulatory compliance

• Information security and risk management

• Privacy program development

KPMG

II

22

• Global privacy strategies and programs

• Audit, compliance and incident response

• Vendor risk management

Booz Allen Hamilton

II

22

• Global privacy strategies and programs

• Incident response and risk management

• Privacy operationalization and compliance

Samet Privacy

III

2

• Assessments, audits, policies and training

• Web, technology and new media

• COPPA, Truste, Safe Harbor

Rebecca Herold

III

1

• Privacy and compliance programs and education

• Information security programs and education

• Vendor risk management

Privacy Ready

III

1

• Privacy strategies and programs

• Issue prevention and management

• Product privacy impact assessments

Corporate Privacy Group

III

1

• Privacy strategies and programs

• Education for PII management

• Compliance planning and oversight

Based on 203 responses to the question, "Among consulting and audit firms, which one has the best privacy practice?"

*Voting Tier I = over 10% of votes cast; Tier II = 5% to 10%; Tier III = 1% to 4%.

**Firms reported the number of Certified Information Privacy Professionals as recorded by the International Association of Privacy Professionals.

***Firms volunteered their key practice areas.

****Votes for Minnesota Privacy Consultants were excluded.

Top 25 privacy experts

Privacy attorneys dominated this first-time poll, although a number of CPOs and consultants dotted the list.

Privacy Experts

Voting Tier*

Firm

Lisa Sotto

I

Hunton & Williams

Kirk Nahra

II

Wiley Rein

Chris Kuner

II

Hunton & Williams

Alisa Bergman

II

Venable

Peggy Eisenhauer

III

Privacy & Information Management Services

Stu Ingis

III

Venable

Brian Hengesbaugh

III

Baker & McKenzie

Marty Abrams

III

Hunton & Williams

Fred Cate

III

Indiana University

Ruth Bro

III

Baker & McKenzie

Becky Burr

III

WilmerHale

Shai Samet

III

Samet Privacy

Rebecca Herold

III

Rebecca Herold

Jeff Nicol

III

Privacy Ready

Maureen Cooney

III

Hunton & Williams

Bridget Treacy

III

Hunton & Williams

Eduardo Ustaran

III

Field Fisher Waterhouse

Pascale Gelly

III

Cabinet Gelly

Anna Gamvros

III

Baker & McKenzie

Emilio Cividanes

III

Venable

Larry Ponemon

III

Ponemon Institute

Miriam Wugmeister

III

Morrison & Foerster

Ed McNicholas

III

Sidley Austin

Richard Purcell

III

Corporate Privacy Group

Dan Swartwood

III

Motorola

Based on 421 responses to the question, "Which individual person would you say is the No. 1 privacy expert?"

*Voting Tier I = over 10% of votes cast; Tier II = 5% to 10%; Tier III = 1% to 4%.

Related:

Copyright © 2007 IDG Communications, Inc.

1 2 3 4 Page 4
Page 4 of 4
7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon