Today’s digital landscape requires corporations to responsibly and proactively aid in the protection of clients’ and consumers’ rights. Though a multi-layered responsibility, right now, the focus is on data.
Digital Remedy, a next-gen company powering digital advertising services and a comprehensive execution platform, works across all media platforms including mobile, tablet, search, social, OTT, video, and audio content. As a trusted digital media partner, brand safety measures are vital to every process including data protection. Even as a company that does not collect first-party data, many of us in the ad tech community understand the importance of handling other’s data. These days, data can make a ton of money, but it can also cost you. So, being able to handle large amounts of data in compliance with laws and to the even higher standards of clients is of key importance. Given the recent GDPR compliance requirements in the EU coupled with data sensitivity and compliance in the U.S., Digital Remedy has proactively created a Data Protection Officer position (DPO).
Under GDPR, companies handling personal data need to have hyperfocus on the legal implications and compliance procedures. In the lead-up to GDPR, we spent considerable time evaluating our footprint in the EU and involvement with personal data there. At the time, we chose to scale back any data collection practices to comply with GDPR. Our DPO, prior to the official designation, led that initiative and has advised Digital Remedy on GDPR throughout.
While we do not clearly fall into any category of organization that is required to have a DPO under GDPR, we feel the concept is an important one. CCPA does not independently require a DPO; however, the rigorous requirements, frequent developments, and potential consequences demand that the company be thoroughly informed on the law. At this point, most of us know the story of how CCPA came to be and what impact that had on the product. Once CCPA is finalized and goes into effect, the DPO will need to guide the implementation of new policies and procedures to comply.
As a long-time member of the IAB with the same levels of concern over the ambiguities and burdensome directives of CCPA, we need to take an active role alongside our colleagues in helping to make the CCPA clearer, narrower, and simply better. Our DPO will represent us in those discussions and make sure our concerns are heard.
Further, there are also similar laws being proposed, written, and even passed in many other states. For this reason, most experts in the field data privacy estimate a federal law is soon to come and that it is expected to mirror many of the elements contained in both the GDPR and CCPA. A federal law would undoubtedly present new and complex issues related to state and international law.
The appointment of DPO demonstrates to Digital Remedy customers and business partners that we are serious about protecting personal data and being a part of a corporate community that is conscientious about the direction of data privacy legislation.
What Does the Digital Remedy DPO Do, and What Value Does It Add for Clients and Partners?
Our DPO is responsible for several functions including informing and advising Digital Remedy, clients, and vendors, as well as any other potential handlers of personal data, on matters relating to data protection compliance. The DPO also monitors compliance with the rapidly changing laws, rules and regulations. He guides the company on how to engage with clients and vendors who handle or might handle data. Digital Remedy’s DPO ensures, in an independent manner, that an organization applies the laws protecting individuals’ personal data.
The core responsibilities of the DPO include:
- Educating the company and employees on important compliance requirements
- Training staff involved in data processing
- Conducting audits to ensure compliance and address potential issues proactively
- Serving as the point of contact between the company and regulatory agencies
- Monitoring performance and providing advice on the impact of data protection efforts
- Maintaining records of all data processing activities conducted by the company, including the purpose of all processing activities
- Ensuring the consumer has their rights protected as required by law
Who Is the DPO?
Patrick Hogan has been with our company in some capacity since 2007. Along with so many in the corporate and digital legal community, he has been entrenched in data privacy over the past several years. He sits on the NYC Bar Association’s In-House Counsel Committee and the IAB’s Legal Affairs Committee. A graduate of Hofstra Law’s 2013 class, he has shown exceptional ability to advise Digital Remedy through the years in numerous capacities and has been our Director of Legal Affairs for nearly 3 years now. He is extremely resourceful, knowing the business and the industry inside and out. His continued dedication to data privacy law is an invaluable asset and will be a vital impact on our continual growth as marketspace leader.