Back to all blog posts

Selling Privacy to Executives

Every organization regularly has to consider budgets. It’s simply a fact of life that companies must determine how best to allocate resources. Privacy professionals know this all too well. Asking for more budget for basic operations, let alone any special projects or new initiatives that need to be undertaken can be a daunting task. So how do you get decision makers bought in?

Selling privacy to executives

It is up to a privacy professional to get support from executives and others at their organization. The main obstacle to this is the limited nature of things like money or time. Privacy, however, is ubiquitous in operations. Human resources, IT, and product design amongst others all have privacy concerns and this is how we make a great case for privacy. Alignment, often call business or operational alignment, with organizational objectives shows the value privacy brings to other parts of the organization.

Human resources will have concerns around applicant and employee privacy. IT handles access controls, vendor integration, and incident response to some degree. All of these areas, with a strong privacy backing, will provide returns on investment to the business through strong compliance practices. Less time wasted on privacy by non-privacy focused teams is a clear benefit.

The other way in which we can get buy-in is going to be more focused on avoiding negative outcomes, specifically fines. It is clear that the world is moving towards stronger privacy laws similar to the General Data Protection Regulation. This means we are seeing heftier fines for non-compliance. A fine of 20 million euros, or the more daunting 4% of annual revenues, is nothing to sneeze at. We aren’t all Meta or Google and capable of eating a billion dollar fine.

This information, provided to executives, can get them focused on privacy initiatives. The possibility of paying a fine is certainly less appealing than having a compliant privacy program. Additionally, the costs associated with non-compliance go beyond fines. While privacy is a topic of less public scrutiny than some others, the public has become more interested in this area recently. Should news of non-compliance get out to them, the reputation, and consequently the profits, of the company could be harmed as well.

The overall position to take is that privacy is not a legal function but an operational one. While our goal is compliance, we do that through policy and procedure that promote good practices. Showing executives this will help to get them to your side, supporting your initiatives and advocating for you. While it may not get you everything you want, it will help to get closer to your goals and imbed privacy into the culture of the organization, if even only slightly.


Reach out to Privacy Ref with all your organizational privacy concerns, email us at info@privacyref.com or call us 1-888-470-1528. If you are looking to master your privacy skills, check out our training schedule, register today and get trained by the top attended IAPP Official Training Partner.