Taking Privacy Seriously – What I Learned from Data Privacy Day

Feb 08, 2018 | | 110 |

Taking Privacy Seriously – What I Learned from Data Privacy Day

By Craig Goodwin

A few weeks ago, I had the pleasure of attending the National Cyber Security Alliance (NCSA) Data Privacy Day event in San Francisco. Data Privacy Day was started with the goal of raising awareness about the importance of respecting privacy, safeguarding data and enabling trust for consumers and businesses. My presence at the event, along with the position CDK Global took as a supporting sponsor, really shows the commitment from all at CDK to be at the forefront of the industry when dealing with matters of Privacy and Security. I was proud to be there representing the business in my role as Vice President and Chief Security Officer for CDK Global and as a member of the Board of Directors for the NCSA.

The event took place in the opulent surroundings of the new LinkedIn building in the center of San Francisco - a treat in and of itself - with the added bonus that the rain held off for much of the day, unlike when I had landed the previous afternoon. With the sun pouring into the room through the glass building, the morning got off to a great start with a lively media panel. I sat on the panel alongside some significant names in the Security and Privacy industry including Michelle Dennedy, Chief Privacy Officer for Cisco and Denelle Dixon, Chief Legal and Business Officer for Mozilla.

Russell Schrader, NCSA Executive Director, moderated the discussion which flowed between the consumers’ rights and businesses’ responsibility to help consumer fully understand the implications of sharing their data. The main takeaway for me was the need for consumer empowerment, and businesses carry a significant responsibility to help consumers feel empowered and proactively informed about what is happening with their data. Many on the panel, including myself, feel that the security and privacy professionals are pushing businesses to do ‘the right thing’ when it comes to the treatment of data. However, there is definitely still work to be done. The rise in regulations, particularly in Europe, such as the General Data Protection Regulation (GDPR) will also help fuel a more critical eye on the collection, use and storage of personal data.

My key takeaways from the event overall fall into two categories: consumer and business. For the consumer it is becoming increasingly important to demand to know about your personal data. There was some lively discussion early in the day about whether consumers truly have the ability to influence businesses to improve the transparency about what happens to their data. I believe that if consumers vote with their wallets and refuse to accept a lack of transparency, there is an opportunity to change attitudes about privacy and data security.


We all have a responsibility to do the right thing - to work to ensure that consumers are given the tools and capabilities to fully understand how their data is being used, and to empower them to make the appropriate decisions about their privacy and personal data. As technology companies, we can drive the competitive environment in such a way that it becomes unacceptable for companies to operate in a context where they do not enable their customers and consumers to have control and visibility.

It is incredibly encouraging for me as the leader of CDK Global’s Security Office that we are participating in these discussions alongside world leaders in the technology space and positioning CDK at the forefront of driving industry change. My teams and I continue to work hard to put consumer privacy and security at the center of everything we do at CDK. We also work with the wider automotive industry to help dealers and manufacturers alike ensure that consumer data and its protection is at the forefront of all business processes. I was grateful to LinkedIn and NCSA for the opportunity to share my passion about security and privacy at the event.

CRAIG GOODWIN
Chief Security Officer
Craig is currently the Vice President and Chief Security Officer at CDK Global. A native of England, Craig joined CDK with over 15 years of experience leading security across both the public and private sectors. Craig started his career with British Military Intelligence and has more recently held CISO and CSO roles for various global companies including Arriva Group PLC, Wolseley Group PLC and Monster Worldwide.