With the changing landscape of privacy regulations and the growing consumer awareness about the collection and management of personal data, more and more companies are prioritizing privacy earlier in their lifecycle than ever before. This is fantastic news for privacy practitioners, but as a founder or product leader, how do you go about building, operationalizing, and scaling a privacy program?
Pramod Raghavendran, Director of Privacy and Data Protection at Coinbase, joins the show to share his thoughts and experience about building privacy programs. Pramod worked as an engineer, solutions architect, technical programs manager, and engineering manager before finding his way into privacy. With deep technical expertise and privacy experience from Amazon, Google, and now Coinbase, Pramod is uniquely positioned to have insights into building privacy functions and establishing a culture of privacy.
Topics:
- How did you get interested in working in privacy and security?
- What changes have you seen in privacy throughout your career?
- Are companies starting to focus on privacy earlier in their life cycle than previously?
- How do you make privacy part of the organizational culture of a company?
- For newer companies, perhaps a startup that needs to start a privacy program, who should they be looking to hire? What characteristics and skills make a good privacy leader for building and operationalizing a privacy program from scratch?
- If you joined a new company to build their privacy program, what’s your first 30 days look like?
- Can privacy be a product differentiator?
- What does it mean to operationalize a privacy program and how do you go about operationalizing a company’s privacy program?
- How do you go about making privacy a design consideration so that the company adopts a shift left process for privacy?
- As a company scales and everything is moving really fast, how do you ensure privacy isn’t something that gets pushed aside in favor of shipping products fast?
- How do you work with engineering and product so that they see the program as value add rather than something that is blocking them from doing their job?
- How do you scale a privacy program?
- What are the typical roles and responsibilities of a privacy function?
- Where do you see privacy engineering going in the next 5-10 years?
Resources: