Jill Phillips is considered one of the top privacy experts in the world having built and led successful privacy programs at three of the largest companies in the world. Jill was most recently Chief Privacy Officer for General Motors, responsible for overseeing GM’s global enterprise-wide data privacy program. Previously, Jill was the Global Privacy Manager for Chevron, where she established Chevron’s privacy program. Prior to that, she was the consumer marketing attorney and first Global Privacy Officer for Dell. Her interest in privacy began in the late 1990’s when she was e-commerce senior counsel at Ford Motor Company.

Privacy is broken, and people and businesses are paying the price. The costs of privacy compliance keep going up, while the real benefits to individuals (such as customers, employees and independent contractors) keep going down. This foundational research report helps IT executives frame the already-too-broad “privacy” discussion to more cost-effectively deal with compulsory privacy compliance issues. This report explores how companies may get maximum leverage from their privacy compliance costs, and deliver more benefit to their customers, partners, shareholders and employees. “Privacy beyond compliance” is an invitation to embrace privacy compliance costs and even to incur additional costs in those organizational settings where an ounce of privacy prevention may be worth a pound of security or potential liability cure. In the proper circumstances an ROI is possible that potentially converts privacy from an isolated regulatory cost center into an integrated profit center for the well- managed enterprise. In this report, TechVision Research explores the ways in which privacy-related sunk costs can help to improve overall enterprise information system integrity. This report suggests that the ROI from privacy expenses can be improved by thoughtful leverage of unavoidable privacy-related costs, and the report identifies more than a dozen examples of situations in which privacy-related costs can be reasonably managed as a “leveraged investment” toward improving security and/or mitigating other enterprise risks. In this report, we also suggest that “privacy” challenges are a symptom of the underlying illness of enterprise information “leakiness” caused by network complexity. Plugging these leaks requires expenditures directed to improve the reliability of both the technology, the people and the processes in a given enterprise network system. We believe enhancing this “socio-technical” system reliability yields additional benefits by improving security and mitigating a multitude of enterprise risks. This report covers:

• The relationship between privacy-related sunk costs and overall enterprise information system integrity
• The value of looking at privacy issues through the broader enterprise risk lens
• The opportunity to convert privacy costs into positive business outcomes
• The value of focusing on socio-technical system reliability
• Integrating privacy costs into the overall enterprise risk planning