Security News > 2002 > February > Profitable privacy

Profitable privacy
2002-02-22 08:53

http://www.computerworld.com/storyba/0,4125,NAV47_STO68354,00.html By PATRICK THIBODEAU February 18, 2002 Privacy is an important part of Royal Bank Financial Group's customer relationship management (CRM) system. Employees explain Web cookies to customers; the bank offers cell phones with special encryption chips for wireless transactions; and it has a pilot program through which it gives away firewalls and other security products to customers. That's right, for free. So where's the profit in that? For Peter Cullen, chief privacy officer at Toronto-based Royal Bank, there's profit in privacy. "It is one of the key drivers of a customer's level of commitment and has a significant contribution to overall demand," he says. As more countries adopt stricter privacy laws, companies have to adapt their CRM systems to comply. But Royal Bank clearly sees privacy as more than a legal issue -- it's also a pathway to a customer's loyalty and spending. "We are very much in a relationship business," Cullen says, adding that privacy "plays a measurable part in how customers decide [to] purchase products and services from us. It brings us more share of the customer's wallet." Many companies are reluctant to offer customers more privacy choices, such as opt-in features that require getting customer permission to collect or transfer personal information. Businesses fear they'll lose their ability to leverage customer data and share such information with affiliates. Dennis Behrman, an analyst at Meridien Research Inc. in Newton, Mass., sums up the prevailing attitude: "You won't lose customers if you offer privacy options, but you may lose access to your ability to gain information." But before companies can ask how privacy fits into a CRM strategy, they need systems that can handle privacy compliance. New domestic and international laws are arriving rapidly. Australia, which enacted its new privacy law in December, is a good example. A section in Australia's law requires companies to destroy customer data or make it anonymous once it's no longer needed. That includes backup files, says Andrew Handelsmann, an attorney at Deacons, a law firm in Sydney. Compliance will involve more than simple deletion to ensure that files are really erased from drives, he says. Complying with laws of this type, as well as integrating privacy into a CRM strategy, requires changes in IT systems and management. "It's keeping the system smaller, and it's more controlled," says Greta Ostrovitz, IT director at Cadwalader, Wickersham & Taft, an international law firm in New York. "We don't have these huge, huge databases that just have a life of their own and no one knows what's in it." Tighter control is important to CRM strategies and legal compliance, Ostrovitz says. For instance, when her firm wants to send online and print mailings to clients in England, it must first get client permission for the mailings, according to U.K. privacy regulations. "In building a system, the key is maintaining an audit trail so you know exactly when something gets entered, who entered it, when was something mailed, what exactly got mailed," says Ostrovitz. The Gramm-Leach-Bliley Financial Services Modernization Act, which took effect in the U.S. July 1 (see story), was one of the reasons Cleveland-based KeyBank revamped its massive customer databases. KeyBank pulled about 50 million customer records held by various business units and distilled them into a single database of 11 million records. "We wanted a customer-centric approach, where the customer just came to us once -- at any entry point in the company -- and we could then identify the rest of their relationships in the organization," says Angela Maynard, chief privacy officer at the Fortune 500 bank. In going through the 50 million customer records, KeyBank also "cleaned" the data held by different business units to improve accuracy. It did this in part by matching the data against 200 million credit records maintained by Experian Inc. in Orange, Calif.


News URL

http://www.computerworld.com/storyba/0,4125,NAV47_STO68354,00.html