Women Rise Swiftly in the Privacy Field

Editor’s Note: This article is a companion piece to a survey by the International Association of Privacy Professionals, which previously appeared on Big Law Business and showed gender parity in pay for privacy officers. The author of this post is the editor of the IAPP’s monthly member publication, The Privacy Advisor. 

By Angelique Carson, Editor of The Privacy Advisor

The problem with gender imbalance is pervasive. Anyone scanning media headlines in the last half century would surely agree. In the U.S., we talk about the need for more women and girls in science and math. We talk about the need for more men to be able to work as stay-at-home dads. We talk about the fact that women earn 77 cents for every dollar a man earns.

But one place where that old story isn’t true is within the privacy profession. That’s according to a recent salary survey by the International Association of Privacy Professionals, which found the industry is not only made up equally of men and women, but the genders are also represented equally at every level — be it manager, director, vice president or C-suite position. And that pay gap? Well, it’s more like 98 cents for every dollar, and it disappears even further when adjusted for experience and certification.

At a recent event hosted by the IAPP and Center for Democracy and Technology in Washington, DC, some of privacy’s female leaders discussed why they think women are equally represented in the field and the approaches that have fueled their success. Among them was Erika Brown Lee, chief privacy and civil liberties officer at the Department of Justice, who said women were well poised to equally own the field because it didn’t exist 50 years ago. It wasn’t a field traditionally occupied by men that women invaded during their liberation movement.

Lee said in the last 10 years, there have been three privacy officers at the DOJ and they’ve all been women.

“We were kind of there at the beginning when it was happening,” said the Center for Democracy and Technology’s Nuala O’Connor, who moderated the panel. O’Connor was one of the first chief privacy officers, starting at Internet-ad company DoubleClick before stints at the Department of Homeland Security, General Electric and Amazon.

Patrice Ettinger, CPO at Pfizer, said she was able to carve out a position for herself rather than having to climb an already-established corporate ladder.

“There were low barriers to entry,” she said.

Ettinger was hired by Avon in 2008 to create its first privacy program.

“I was hooked from the beginning,” she said. “It was a great opportunity for me to join that company and be part of something from the ground up.”

Hilary Wandall, CPO at Merck, didn’t expect to work in privacy. She was working in the company’s molecular biology lab doing HIV research and going to law school at night. When the company, which manufactures some pharmaceuticals geared toward children, had a question about complying with the then-new federal law on children’s privacy, Wandall was tasked with figuring out the answer. She never looked back. Two years later, the company formed a privacy office. She said it was a can-do attitude that got her there; an attitude women should embrace if they want to carve out a space for themselves.

Christine Frye, CPO of Bank of America, agreed it’s that kind of flexibility that serves women well.

“I’m always open to opportunity,” said Frye, who worked in mergers and acquisitions previously. “That’s how my career in privacy started. I got into financial services, but I was always open to opportunity, always willing to say, ‘I can do that. I can help them out.’”

Privacy was also an unregulated space when Frye got into the field, so the role was less about following the rules and more about finding “the right thing to do and setting self-regulatory practices,” she said. That meant having a passion for ensuring individuals’ rights and helping companies communicate with companies.

Wandall agreed that women often have the right innate skills for a career in privacy.

“Really at its essence it’s about understanding the values people care about, whether here in the U.S. or in other societies, and making sure when we think about programs to handle data we’re thinking about values we want to preserve,” she said. “It’s really about ethics.”

Asked what the profession will look like in 10 years, Wandall said she expects the way people think about the privacy role to broaden.

“People tend to wrap their heads around a fairly narrow space,” she said. “But what we do is so much broader. It’s really about protecting people and the information about them from harm and making sure they can live the lives they want to live. There’s all kinds of data generated all over the place that can prevent that from happening. Our responsibility as privacy professionals is to anticipate what the risks may be from all possible ways that data can be generated. To think far enough in advance that we’re designing ways to handle that information that prevents that from happening.”

Lee encouraged women to “look at the horizon instead of just what’s in front of you.” She said some of the best opportunities come from jobs that seem unattainable or even uninteresting.

Ettinger agreed.

“The advice I wish I’d gotten, the advice I’d give people now? Stretch, look for challenges,” she said.

And that advice goes for all aspiring privacy pros, man or woman.