Canadian privacy chief heads to Microsoft to take on leading role

After 26 years at the Royal Bank of Canada, working in an environment where privacy is paramount to corporate success, Peter Cullen will soon be heading to Redmond, Wash., to help take Microsoft Corp.’s Trustworthy Computing initiative resolutely into the 21st century.

Cullen will take over the role on July 14.

But Cullen is going to have his work cut out. In word association games, Microsoft has never been the first response to words like privacy or trust. Bill Gates admitted as much when he launched the Trustworthy Computing initiative last February – all occurring during a time when the company battled antitrust law suits and had the U.S. Federal Trade Commission rule that its Passport online authentication service had security and privacy flaws.

So one might wonder: why make the move from relative obscurity to becoming the chief privacy strategist for a company that is, whether deserved or not, often a lightening rod for criticism?

“I am really deeply passionate about consumer privacy issues,” Cullen said. “Microsoft, in my view, has a really compelling vision about the way that privacy integrates with an overall trustworthy computing platform.”

Cullen admitted the job will be a challenge but said good, sound communication with Microsoft’s customers will be the key to success.

“Part of the way you help generate trust with customers is to talk a little differently about how Microsoft is protecting privacy and find ways to communicate what is going on,” he said.

“Like in the financial services, where there was a push to help customers understand how their information was used, I think there are similar opportunities in other industries as well to better communicate with our customers.”

When queried whether Microsoft has an image problem, whether people inherently think trust when they think of Microsoft, Cullen admitted it was, for him, too soon to tell.

“I don’t know the products well enough to be able to answer that right now. I think I need a little more time.”

So his starting point is going to be his own education.

“A huge priority for me at the start is to do a heck of a lot of listening to develop a really good understanding about where other people see the opportunities,” he said.

Lead, don’t follow

Since 9/11 there have been many complaints, both north and south of the border, that increased security has come at the cost of decreased privacy. Cullen doesn’t entirely buy the logic.

“It is very, very difficult to have good privacy without a good security foundation,” he said.

Microsoft’s goal is to integrate security and privacy into both product reliability and the overall integrity of the business, he said.

With more stringent privacy laws percolating through the business world (for example PIPEDA in Canada and HIPAA in the U.S.), Cullen said leading, rather than following regulation, is the best way to go.

“Those, and other legislation around the world where Microsoft has business, vary significantly so the correct way to view it is thinking about what is important to the customers and the level of standards and expectations that they have, and finding ways to meet that level of expectation,” he said.

A Vancouver native, Cullen will be reporting to Scott Charney, Microsoft’s chief Trustworthy Computing strategist. Cullen added that he is looking forward to moving back to the west coast.

“As far as I remember, you don’t have to shovel rain.”