If you’re a general counsel trying to keep up with current and upcoming regulations, thinking about privacy on a global level can be a daunting task. If you have a distributed team and a global customer base, how can you create scalable policies that will keep you in regulators’ good graces?

During our TechGC privacy forum, Alisa Bergman from Adobe, Idriss Kechida from Match Group, Ileana Falticeni from Quantcast, and Justin Kozak from Founder Shield spoke about the challenges of keeping up with global changes in privacy.

Read their 4 major takeaways below for how GCs can build their privacy programs in a constantly-evolving global climate.

Build for the Most-Common Denominator

You’ll never be able to keep up with what’s happening in every jurisdiction. Instead, you should extrapolate from existing regulations to build for the most common denominator. For example, if you need to adhere to both CCPA and GDPR, look to where your responsibilities to consumers overlap, then design your data and privacy policies from there.

Where is your business primarily located? Where are your customers located? What are the major privacy issues your competitors are wrangling with?

Answering these kinds of questions will allow you to build a privacy framework that provides the same level of rights for your users, regardless of where they are. Resources are expensive at a startup, and this will save you the headache of building a tailor-made privacy policy for each market you operate in.

Understand Your Gray Areas

As with anything privacy-related, there are always going to be gray areas. And depending on your company and industry, you might be dealing with lots of them. The best thing you can do to protect your company is by understanding exactly where these gray areas are and designing policies that will provide a good defense if regulators knock on your door.

It’s also important to understand where your company falls within your industry. Does your company want to take an innovative or conservative privacy approach? Are you one of the more prominent players that’s going to be under extra scrutiny, or are you in the middle of the pack?

Depending on where your company falls, you’ll want to build out more robust policies regarding your gray areas. Don’t forget that you don’t need to reinvent the wheel when it comes to privacy – look to what others in your industry are doing and copy their best practices.

Consider Your Data an Asset

Don’t just focus on your risks. With consumers, trust is the new currency. If you’re keeping abreast of privacy regulations, you’ll be much better at addressing your approach to consumer data during your initial touchpoints with customers, allowing you to build better and longer relationships.

In addition to building trust with customers, you may be able to help other initiatives within your company by seeing your data as an asset. For example, by running re-engagement campaigns to determine whether to purge customer data, you’ll be able to potentially drive revenue from non-active customers while simultaneously freeing up resources for your tech team by deleting non-compliant data.

Want to learn from other GCs about staying ahead of global privacy changes? Apply to become a member of TechGC today. You can also read our other posts from our privacy forum about Web3building a privacy program, and working with your marketing team. If you’re already a member, join us for the TechGC Going Global Forum on July 19th, 2022.