As another year draws to a close, Everteam is taking stock of some of the biggest information governance challenges facing our community. As we learned in Part One of an interview with Everteam Chief Revenue Officer JD Sillion, regulations like GDPR, CCPA, and NYDFS have changed consumer expectations, spawned new business practices, and put a premium on privacy protection. However, regulatory requirements have also presented unexpected opportunities. In Part Two of our interview, JD reveals:
- The differing privacy protection attitudes between Europe and the US
- Information governance challenges European and US organizations face today
- How information governance is driving collaboration, innovation, and positive change
JD Sillion is an executive with more than fifteen years of experience in implementing organizational change to improve both customer success and employee satisfaction. He has been a key player in the growth, strategy, and product development of several fast-growing multinational companies. As Everteam’s Chief Revenue Officer, JD promotes integrity, accountability, and open communication within his teams – a culture that is reflected in Everteam’s work with customers and partners.
Part Two of this interview took place on Thursday, September 26, 2019.
In your opinion, how do regulations like GDPR and CCPA reflect changing attitudes to privacy protection around the world?
Everteam has an information governance perspective that is informed by both our roots in Europe and our growing presence in North America. I’d like to speak specifically about the differences between privacy attitudes in France and the US.
France has a strongly-regulated privacy environment. In fact, the importance of privacy is embedded into the overall culture. Historically, regulations have emphasized personal privacy over the rights of business. As an example, the French government agency, CNIL, creates information privacy controls that dictate how businesses can collect information, what they can do with personal information, and what they cannot do with personal information. Personal information is not something that is shared without explicit data subject consent, and for authorized uses. However, these privacy regulations have in some cases slowed technology adoption. Cloud services, for instance, often assume a free-flow of user information that was problematic in this privacy model.
The US is very different. Businesses in the US have emphasized efficiency and growth, so they have built tools and technologies that enable ease of use and productivity, placing a premium on operational performance over personal privacy. This overall attitude puts a priority on making organizations more nimble and tends to take action first, with the assumption that missteps or gaps can be corrected along the way. With many of the data breaches we’ve seen in recent years, these missteps were in hindsight probably more significant than most US-based technology innovators anticipated.
So that’s the biggest difference between France and the US cultures where information governance is concerned: French organizations analyze and regulate before taking action; US organizations take action first and then course-correct as needed. They now both converge with the increased data flow and regulation requirements.
Because of these differing perspectives, do you see European organizations having to overcome different information governance challenges than their US counterparts?
Yes. In the US, innovation has driven information proliferation. This began with the advent of applications and software tools that enhance efficiency and productivity. With the proliferation of PC-based apps to the cloud and mobile, these tools have helped organizations achieve new heights of efficiency, but have also presented an unforeseen consequence: a content and information explosion. Today, you have employees using collaborative tools such as Google Docs or Box, plus a company shared drive and groupware like SharePoint. They access these and other tools via desktop, laptop, and mobile devices. This creates a huge challenge for someone in charge of tracking and managing records and information.
But that’s not all. We now have an even more massive content creation problem as applications using AI are getting smarter and are starting to create content based on business rules, without human intervention. How can organizations access, identify, and discover the information they have if they don’t know what or how much information exists, where it lives, how it’s being used, and how it’s being accessed? Today, this is referred to as “dark data” and it is a big hindrance not only to privacy regulation compliance but to effective data analysis and business development.
“…dark data…is a big hindrance not only to privacy regulation compliance but to effective data analysis and business development.”– JD Sillion
One of the biggest challenges in Europe, as I stated earlier, is adoption. Where regulation and privacy concerns have hindered change, many organizations there are now embracing and adapting SaaS and cloud tools at long last, often with greater levels of privacy protection, enabling efficiency and more competitive operation in the marketplace.
Do you see information governance as the glue between these two worlds?
I see information governance as an added layer of protection for existing practices around the world. But with this added layer, organizations can drive positive change and cooperation. Look at all the data leaks over the past few years and how they have repeatedly demonstrated the importance of effective information governance, even to the most efficiency-focused organizations in North America.
With European companies employing US technology and innovation, there has been understandable concern over-sharing and exchanging information and not knowing how it’s being handled. Regulations like GDPR are driving necessary data protection and privacy controls so that information can be exchanged in a way that benefits everybody. Information governance today incorporates both European privacy and US efficiency perspectives to facilitate both ethical, transparent data use and strong technological innovation.
“Regulations like GDPR are driving necessary data protection and privacy controls so that information can be exchanged in a way that benefits everybody.”– JD Sillion
The world’s most admired organizations care deeply about their information. Everteam’s software protects sensitive information by identifying, classifying, and managing it. With three decades of experience, Everteam understands the challenges and the opportunities that come with Information Governance. Ensuring customer privacy, demonstrating regulatory compliance, eliminating redundant or obsolete information, and promoting trust are just some of the ways that Everteam helps the world’s leading brands earn the loyalty of their customers.
For more information governance news from Everteam, subscribe to our newsletter