Chief Privacy Officer Role and Organizational Transformation in the Digital Economy

With increased digitalization and the evolving digital economy, consumers, regulating agencies, and business partners alike demand more transparency for organizational privacy practices, generating increased pressure on organizations to establish privacy programs and initiatives. The Chief Privacy Officer (CPO) role is central to the development of these privacy initiatives and is becoming more strategic. However, the role of the CPO appears to vary significantly across organizations. This study aims to investigate how an organization\u27s privacy initiatives implementation influences the CPO role and understand how an organization needs to transform to support the emerging CPO roles in the digital economy. We present our initial findings and elaborate on a transformation model that shows the stages an organization follow to support the CPO role strategically

From Dataveillance to Data Economy: Firm View on Data Protection

The increasing availability of electronic records and the expanded reliance on online communications and services have made available a huge amount of data about people’s behaviours, characteristics, and preferences. Advancements in data processing technology, known as big data, offer opportunities to increase organisational efficiency and competitiveness. Analytically sophisticated companies excel in their ability to extract value from the analysis of digital data. However, in order to exploit the potential economic benefits produced by big data and analytics, issues of data privacy and information security need to be addressed. In Europe, organisations processing personal data are being required to implement basic data protection principles, which are considered difficult to implement in big data environments. Little is known in the privacy studies literature about how companies manage the trade-off between data usage and data protection. This study contributes to explore the corporate data privacy environment, by focusing on the interrelationship between the data protection legal regime, the application of big data analytics to achieve corporate objectives, and the creation of an organisational privacy culture. It also draws insights from surveillance studies, particularly the idea of dataveillance, to identify potential limitations of the current legal privacy regime. The findings from the analysis of survey data show that big data and data protection support each other, but also that some frictions can emerge around data collection and data fusion. The demand for the integration of different data sources poses challenges to the implementation of data protection principles. However, this study finds no evidence that data protection laws prevent data gathering. Implications relevant for the debate on the reform of European data protection law are also drawn from these findings