Senior Privacy Consultant
What drew you to privacy and how many years have you been in the privacy space?
Two things drew me to privacy. First, the “Internet of Things”; second, I have watched my children grow up with a lack of attentiveness to privacy in their personal lives – they’re so willing to share private details on social media, etc. I realized that data is at the center of all of it, and I knew it was going to be a fascinating new future. Unchecked, data can have ramifications on personal privacy. I went to an IAPP conference where I realized there is a distinct body of knowledge in this area, and I have been hooked since then. This is my fourth year working exclusively in the privacy and data protection space.
Favorite GDPR Article and why
Article 12 – Transparent information, communication and modalities for the exercise of the rights of the data subject. Without openness and transparency, the rest is null and void, so to me, the most important aspect is telling individuals what you are doing to minimize the “surprise factor.” Being truthful and transparent lets people make informed decisions as to the value of what your company is doing with their data. The entire GDPR hinges on what a company is doing with the data and why.
One thing you’ve noticed that has changed about privacy since you’ve started
The volume and scale has increased significantly since when I first started. Initially, when I used to mention privacy, people would think about data breaches. Now, people are starting to see that the depth and breadth of the privacy space is very complex, beyond just a breach. I have worked in several different areas. When I was introduced to privacy I was in higher education, so I worked with FERPA. Then, when I started working in the technology space I focused more on data security and integrity matters. Next, I worked in marketing and looked at privacy from a B2B and B2C perspective. Finally, now I am looking at privacy from the operations perspective and implementing “privacy by design.”
Advice for new privacy practitioners
There is no right journey. Choose a couple areas to become an expert and then focus on those areas – you cannot tackle it all because the volume is too great. Change is happening very quickly and we are just beginning to see the tip of the privacy iceberg. For me, GDPR is going to become the tipping point that will ignite a behavior and awareness where privacy and data protections may not today. So jump in now. Once you have chosen the area to focus in on, gather as much experience as possible, and become a voracious reader. Learn through experience, networking with seasoned veterans and read.
As Kellogg’s first Chief Privacy Officer from August 2015 – January 2017, Paul was responsible for implementing a global privacy program that covers both consumer and employee privacy, including policies, procedures, contracts, assessments, training and education. In his prior 10 years at Kellogg, Paul served as senior director of global digital operations at Kellogg. In this capacity, he was responsible for identifying and leading the development and integration of marketing capabilities, including consumer product data initiatives, as well as corporate equity protection services around the globe. In addition, he has served as director for global digital strategy where he provided the vision and leadership in the building of a global digital marketing team, and as director of e-business where he was responsible for launching Kellogg’s initial e-commerce initiatives back in 2005.
Prior to joining the Kellogg Company, Paul was employed by Biggs|Gilmore agency in Kalamazoo, Michigan. There he co-created the Agency’s digital strategy discipline serving as senior digital strategist and digital account supervisor. In this capacity, he developed digital strategies and user experiences for Fortune 500 clients including, Brunswick Marine (consumer goods), Pfizer (healthcare), DuPont (automotive), Zimmer, Inc. (healthcare) and Kellogg’s (consumer packaged goods).
In addition to the above, he has served as director of Student Affairs Information Services (divisional CIO), and assistant dean of student life at Western Michigan University.
Paul has a secondary social studies teacher certification and Bachelor of Arts degrees in both Political Science and Public Administration from Western Michigan University.