No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Featured

New Tech and Other Tools to Navigate a Changing Regulatory Risk Landscape

An Interview with TrustArc CEO Chris Babel

by Corporate Compliance Insights
April 1, 2019
in Featured, Leadership and Career
New Tech and Other Tools to Navigate a Changing Regulatory Risk Landscape

Today we share an interview with Chris Babel, the CEO of TrustArc, a leading technology compliance and security company. Chris shares his background in the industry, offers insight into key risks facing the GRC profession today and explains how TrustArc meets a growing need.

CCI: How did you get started on a career in privacy?

CB: I’ve spent more than two decades building online trust for customers like Apple, Alibaba and IBM, most recently in the security industry working on VeriSign’s worldwide Authentication Services business, where I was responsible for strategy, sales, marketing, product and support. In these roles, I helped grow the businesses through the launch of new products to enterprise and small/medium businesses, international expansion in EMEA and Asia and through acquisition and integration of a number of companies.

My experience working in the security industry paved the way for work in privacy – an industry evolving along the same trajectory as security. The market is powered by increasing demands to use personal data, mounting user privacy concerns about the use and handling of their information, an increase in regulatory requirements and the need to operationalize privacy controls to ensure business continuity.

CCI: Who helped shape your views on data privacy?

CB: I think one of the great things about the privacy profession is that there are so many people to learn from. The breadth and depth of knowledge you can hear at an IAPP event is tremendous, whether that be from CPOs at companies, law firm partners, privacy consultants or regulators.

One person I’d point to in particular is Hilary Wandall; as she was the CPO at Merck, Chair of the IAPP Board and a customer, we had many debates on the trajectory of the privacy profession and company needs. We shared a similar vision for the market and were fortunate to have her join TrustArc in 2016.

CCI: How do you stay current on ethics and compliance issues?

CB: Regular conversations with customers, consultants and law firm privacy professionals is a great way to get an “on the ground” sense for what issues are top of mind. There is a growing list of sources to follow in order to stay current – whether it be from one-on-one conversations, attending an IAPP or other privacy conference or, increasingly, security conferences like RSA.

CCI: How do you see the CCO role evolving within the next three years?

CB: An increase in the number of international and domestic privacy regulations are impacting the way businesses make decisions and will continue to do so. Successful organizations must now weave consideration of personal data usage into the fabric of their company and services due to increasing regulatory requirements and concerns regarding the use of consumer information. The role of the CCO will become a much more strategic one, with CCOs working to ensure the organizations they work for take these privacy concerns into account from day one. Privacy is not a project with an end and a beginning; it is an ongoing task the CCO will be responsible for and a key factor in the strategy and execution plan necessary to drive success.

CCI: What do you see as the greatest regulatory risks facing companies, and how might they impact business as a whole?

CB: Companies are facing unprecedented expectation for data privacy compliance with both international regulations, such as GDPR, and domestic laws, including the California Consumer Privacy Act (CCPA). We are starting to see the ramifications of GDPR violations, and they are not just monetary fines. In some cases, companies have even been asked to cease operations in a specific geography. These types of consequences can severely impact a company’s ability to operate. Businesses must be aware of changing regulations to ensure they are compliant moving forward, in part by thinking more holistically about security and privacy. Operationalizing privacy at scale will be the best path forward for any organization as it contends with the changing regulatory risk landscape.

The more innovative companies will look to differentiate themselves from their competition by setting up ethical review committees, ethics teams and data ethics officers to formally consider the implications of algorithms and machine learning on customer trust and business outcomes.

CCI: How might CCOs, CROs and CISOs prepare to face these risks?

CB: CCOs, CROs and CISOs should consider leveraging technology to enable compliance solutions that 1) can effectively scale across the organization and 2) are in accordance with multiple privacy regulations. Connecting the dots on one centralized back end will allow continued scalability and flexibility, particularly since data protection regimes increasingly require documentation and recordkeeping for each distinct business process. Centralized solutions are emerging that can not only help businesses map and monitor the flow of sensitive information through networks, data centers and web-based software, but also provide platforms that help respond to data breaches.

Technology alone is not enough, however. Privacy officers should put existing resources toward individual rights management, operationalized data governance (mapping data flows, recordkeeping, data retention/deletion policies), and “privacy by design” to enable companies to make the leap from reactive to proactive, conserving budget in the process.

CCI: How does your company help its clients mitigate risk?

CB: TrustArc offers an unmatched combination of innovative technology, expert consulting and TRUSTe certification solutions. Together this combination addresses all phases of privacy program management. The TrustArc Platform, fortified over eight years of operating experience across a wide range of industries and client use cases, along with our extensive services, leverage deep privacy expertise and proven methodologies, which have been continuously enhanced through thousands of customer engagements. With a wide range of modules, the TrustArc platform supports several privacy management initiatives, including CCPA, GDPR, EU-U.S. Privacy Shield, Swiss-U.S. Privacy Shield, APEC CBPR and COPPA. The platform can also be integrated with GRC platforms, such as the Archer GRC Suite and ServiceNow.

CCI: Compliance departments are often asked to accomplish their work with limited resources… do you see this situation changing any time soon?

CB: I’m not certain I know many situations inside any company where budget and resources isn’t a problem. According to a joint report that the IAPP and TrustArc released in December, budget is the largest reported barrier to adopting privacy management solutions. Irrespective of whether you are a Fortune 100 company or have less than 100 employees, both are still turning to third parties for their compliance needs. Limited resources and the complexity around privacy management is causing firms to look outside their walls for scalable compliance support.

For instance, with the increased sophistication of privacy technologies, a small company located anywhere in the country will now have access to third-party solutions at a price point that fits them and makes it worth their while to comply with a law such as the California Consumer Privacy Act to reach even more customers.

So, while compliance departments may not necessarily see the increase in resources they request, it is becoming easier for these departments to do more with the resources they do have though the help of third-party technology offerings.


Chris Babel is CEO of TrustArc, where he has led significant growth, transforming TrustArc into a leading global privacy compliance and risk management company. Before joining the company, Chris spent over a decade building online trust, most recently in the security industry as senior vice president and general manager of VeriSign’s worldwide authentication services business. He holds a B.A. in Mathematical Methods in the Social Sciences and Economics with Highest Distinction from Northwestern University.


Tags: California Consumer Privacy Act (CCPA)GDPR
Previous Post

How Compliance Can Empower the Business to Manage Risk

Next Post

PwC 2019 Risk in Review

Corporate Compliance Insights

Corporate Compliance Insights

Related Posts

snooping on private data

Survey: Leaders Claim to Be Ready for State Privacy Laws; Few Actually Are.

by Staff and Wire Reports
June 29, 2022

With state laws looming, where do companies actually stand today? A Womble Bond Dickinson survey examined current corporate preparedness along...

data privacy symbolized by padlock image comprised of people

The Key to GDPR Compliance for Fast-Growing Companies Is a “Privacy First” Culture

by Jose Costa
May 3, 2022

GDPR fines hit hard in 2021, especially hammering fast-growing and evolving businesses for accidental or careless EU GDPR violations. Tugboat...

deep blue illustration of person with face obscured

These Data Anonymization Techniques Don’t Cut It Anymore

by Tobias Hann
February 24, 2022

Data anonymization techniques that maintain a 1:1 relationship between personal info and the people to whom they relate are appropriate...

Vector of a cybersecurity worker monitoring servers.

Cybersecurity in 2022: More Acceleration, More Sophistication

by Mathieu Gorge
January 19, 2022

In 2022, nations and organizations around the world will continue working to protect customer data against hackers and accidental breaches....

Next Post
PwC 2019 Risk in Review

PwC 2019 Risk in Review

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance Decision-Making DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring Ransomware RegTech Reputation Risk Risk Assessment SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT