When the Privacy Practice at New York-based PricewaterhouseCoopers (PWC) found that auditing company Web sites manually was getting to be a virtually impossible feat, the company sought a technological means to automate the process. Teaming with Ottawa-based Watchfire Corporation, the two companies recently developed WebCPO privacy management software.
According to Mike Gotta, vice-president of META Group in Stanford, Conn., most people associate issues surrounding privacy with the Web. The risks, however, lay elsewhere.
According to Watchfire and PWC, WebCPO allows organizations and chief privacy officers (CPO) to have better understanding of their data collection, use and potential data sharing practices through alerts and ongoing reporting.
“People are very concerned with what is happening to information that is collected on them and they are very worried about being tracked,” said Michael Weider, president and CEO of Watchfire. “It is sort of the ‘Big Brother’ mentality. Thus, Web sites have tried to proactively educate customers and appease their concerns by coming out with those privacy statements and coming out strong on this issue.”
Weider said that unfortunately, both PWC and Watchfire have found that what companies say in their privacy statements often does not correspond with what they do. Weider attributes this not to trickery on the business’ part, rather that sites are changing constantly and there are a large number of people involved in the publishing practice.
According to Brendon Lynch, a senior manager in PWC’s privacy practice, a lot of businesses do not know that they have breached privacy issues.
Both Lynch and Weider said that WebCPO crawls a company’s Web site looking for potential privacy problems and creates ongoing reports in real-time. The administrator is notified of concerns through either e-mail or pager.
META’s Gotta said he is reluctant to call tools like WebCPO necessary, but said it definitely helps.
“The tool is not going to help you if you do not have the processes in place,” he said. “My question to a client would be, are you dealing with privacy in terms of practices, organizational structure and do you have a CPO? That reflects that the organization has a program in place. Privacy is a program management initiative.”
Weider agreed. “When you find a privacy problem on your site, it is usually indicative that some other business processes are not in place.”
WebCPO is available now and pricing starts at US$15,000. For details, visit the companies on the Web at www.pwcglobal.com and www.watchfire.com.