Most people’s eyes gloss over when I say I’m a “privacy professional.” They don’t have the foggiest idea of what I mean. This is a problem both outside and within the corporate world. Some jobs are easily identifiable with a single word. If I say I’m a fireman, for the most part, people can understand what I do for a living. There may be some aberration, such as if work mostly handling forest fires versus structure fires but in general, the public understand what I do on a daily basis.
When you start talking information technology professional, the confusion begins. Even simplifying that term into computer professional, people will tend to put you into two camps: someone who programs computers or fixes them. If they associate you with the latter, you’re now their new best friend to come get rid of that nasty virus. However, the range of information technology professionals is much broader. You have programmers for sure but also database developers, web developers, driver developers, component programmers, designers (who know graphical interfaces). You have a host of administrators: network admins, sys admins, database admins, etc. Then you have the engineers and architects who design the system. Then the support personell. Then you start moving into layers of abstraction and there are IT governance folks who develop data policies, auditors who enforce the policy. The IT world is rich with nuanced professionals, none of whom would consider their job the same as others, yet from the outside they are easily lumped together, “oh you’re a computer guy.”
Apparently the same is true of lawyers. Some lawyers have a very public persona. The criminal defense lawyers on TV, the personal injury attorneys on every billboard, this is what the public sees. They also know you need to go to lawyers for things like divorces and real estate but still tend to lump everybody into either civil law or criminal law. The truth is lawyers are much more diverse once they develop a specialty really have limited ability to advise on other issue. More importantly, some laws are so intricate that many corporate lawyers specialize in very narrow niches: Foreign Corrupt Practices, mergers and acquisitions, etc.
Returning to my issue at hand. I get the question all the time, of people asking me what I do or what I want to do. My response “I’m in privacy” is clearly unintellible to people outside the field. Even people who you think might have an inkling of an idea, still seem perplexed that someone could claim such as their professional vocation. My point of this blog post is really to help myself come up with a simple easly explanation….. an elevator pitch that I can give when confronted with the question.
My girlfriend had a good suggestion. I actually asked her last night what she thought I did. She had a better notion than most but still incomplete. She says she often struggles explaining it to her friends. She suggested a three prong approach: first say what it is, second explain what it does and third give an example.
1. What is the title? “Privacy Architect”
Now I would say even most seasoned privacy professionals would have a hard time understanding what this means. The vast majority of privacy pros come from a regulatory compliance background, they either don’t have the IT knowledge or just don’t think in terms of building in privacy up front.
2. What does a privacy architect do? “I help companies design their computer systems and business practices with their customers privacy in mind.”
While this is a really incomplete picture, I think it’s simple enough to convey mostly what I do. My work may not be limited to computer systems and business practices. I think about privacy of other stakeholders than customers. This doesn’t really encompass the legal issues at hand, nor the brand building that having a good privacy reputation can bring.
3. Give an example of what you do. “Say a company wants to start an online bookstore. What books one purchases can reveal very personal interests: medical issues, political positions or financial status. Customers may want to keep such information private. What I do is help design the online store to empower their customers to preserve their privacy while still allowing the business to serve those customers.”
I’d really appreciate anyone’s feedback on this. Does it capture what I do? Is it simple and understandable.