A handful of brave souls have bet the farm that North American companies have a lot of privacy work left to do and not enough staff to do it. So far, their hunches are paying off. But prospective entrepreneurs, take heed: The privacy market is still new and evolving, with little predictability.
Just seven years ago, there wasn't even a privacy market to speak of. The ink on most privacy laws wasn't dry yet, fewer than 50 people worldwide bore the title "chief privacy officer," and the International Association of Privacy Professionals didn't exist.
It was in this environment that Larry Ponemon, founder of the privacy practice at Pricewaterhouse Coopers, took a leap into the unknown. In 2001, Ponemon left PwC and started the Ponemon Institute, best known for its annual surveys of privacy-professional salaries and most-trusted companies for privacy. Today, a Google search on "Ponemon" and "privacy" generates 84,000 hits. (Ponemon is also a columnist for Computerworld.com.)
"When we started the institute," Ponemon told me, "some of my PwC colleagues thought this wouldn't be very interesting or lucrative. But the past five years have been a whirlwind of opportunities."
"The long-term goal for our company is to advance responsible information management by demonstrating how good privacy practices build consumer trust and confidence," he added.
Ponemon runs the institute from a lakeside building in downtown Traverse City, Mich., where he and his staff also coordinate the Responsible Information Management Council. The council allows corporate chief privacy officers to collaborate on joint deliverables such as benchmarking tools and metrics for measuring privacy-program effectiveness.
What does Ponemon see ahead on corporate privacy agendas? "Encryption, better integration with data management functions, and the use of social networking and location-tracking tools in the workplace," he said. "I also believe that the expansion of e-discovery will create enormous privacy risks for any company involved in tort litigation."