OneTrust Vice President of Products Blake Brannon said privacy policies face a problem of fragmentation. Privacy and legal teams have to draft up privacy policies for different products, divisions and subsidiaries within a company, Brannon explained, as well as different variations of a policy to reflect where customers live around the world.
It is a challenge Brannon hopes OneTrust can help remediate with the release of its Policy & Notice Management solution. The tool was created to give privacy professionals a resource to manage the creation and distribution of their organizations’ privacy policies.
The solution allows users to upload their policies to OneTrust, and through the tool’s dashboard, they can then set the parameters for the policy’s requirements.
“You can take a policy and say you need to show it in five different languages and manage any version or deviations of that policy based on location,” Brannon said. “For example, a [California Consumer Privacy Act] version of the policy versus a [EU General Data Protection Regulation] version of the policy.”
The tool ensures the correct document is installed to match the legal requirements for the visitor’s country of residency, as well as translates it into their native language. Brannon said the solution recognizes more than 200 different languages. He added this includes different variations of English, meaning the spelling of certain words will change depending on if the viewer is from the U.S., U.K., Canada or Australia.
“If you are in the U.S. and you market your product and sell to buyers in both English and Spanish, your expectation is to provide those policies and terms in the same language that you are providing the offering in,” Brannon said.
“Updating a policy might be priority one for the privacy person. Itâ€™s probably the lowest priority for the marketing web developer that is managing the website,” Brannon said. “This creates a massive inefficiency in the process of finding a better way to manage these policies and get them updated when they need to be updated.”Â
Brannon said OneTrust has released the offering at a time where more emphasis has been put on the policies than ever before. Previously, privacy policies were not a high priority for any department, but with the GDPR and CCPA, that has obviously changed. Brannon feels this lack of attention is a reason why a similar solution has not appeared on the market to date. Another reason is that the technology was simply not there yet.
“The amount of technology that exists today that can help you with your privacy challenges is exponentially higher than what it was five years ago,” Brannon said.
In its current iteration, the tool only handles privacy notices, but Brannon envisions it could be used to not only upload legal documents, but also to display logos of an organization’s ISO or SOC or certification. He believes the solution can help convey a company’s credentials to its users in order to build a stronger relationship.
“Our vision for how this all unfolds started at policies, but itâ€™s about building an overall trust center,” Brannon said. “It’s about how do I build a trust center on my site to showcase my policy, my certifications, my security clearances, how we respect data and how do we do training and awareness. All of these things show the market your overall governance and trust and respect for the data that you are getting from your users. This is an area we see this product going in the near future to expand far beyond text-based policy.”
Image courtesy of OneTrust