As GDPR’s One Year Anniversary Approaches, Adobe Announces GDPR Validation from TrustArc

Governmental AffairsTechnology

As we approach the one-year anniver­sary of the Gen­er­al Data Pro­tec­tion Reg­u­la­tion (GPDR), a ret­ro­spec­tive look at the past year and a look ahead to the future seems fit­ting. One thing is abun­dant­ly clear:  GDPR has had an incred­i­ble impact on bring­ing pri­va­cy and data pro­tec­tion issues to the fore­front.  This four-let­ter acronym is much talked about in board rooms, front page news, spark­ing leg­isla­tive and reg­u­la­to­ry activ­i­ty and debate glob­al­ly, and is top-of-mind for con­sumers. Pri­va­cy is not only hav­ing a moment, it’s some­thing that is here to stay.

Build­ing on Adobe’s her­itage of cer­ti­fied secu­ri­ty con­trols (e.g., SOC2, ISO 27001 etc.) and beyond, as well as our pri­va­cy-by-design foun­da­tion, we want­ed to appro­pri­ate­ly mark this GDPR mile­stone. So, we teamed up with TrustArc, which has a rich his­to­ry of help­ing com­pa­nies demon­strate com­pli­ance, to inde­pen­dent­ly ver­i­fy our GDPR readi­ness for var­i­ous offer­ings with­in the Adobe Expe­ri­ence Cloud. We are very proud of this announce­ment and the work behind it, and look for­ward to con­tin­u­ing to be a trust­ed provider for our enter­prise cus­tomers when it comes to pow­er­ing dig­i­tal trans­for­ma­tions.

TrustArc Validation

At Adobe, we put our enter­prise cus­tomers’ needs at the cen­tre of the pri­va­cy equa­tion, always striv­ing to see around the cor­ner by both lis­ten­ing to and antic­i­pat­ing our cus­tomers’ needs when it comes to pri­va­cy. We have been hard at work launch­ing and iter­at­ing on new tools and tech­nolo­gies to enable our cus­tomers to pow­er their dig­i­tal trans­for­ma­tions in pri­va­cy-friend­ly ways that sup­port trans­paren­cy and trust-build­ing along with user-choice and con­trol.  Work­ing with TrustArc, we are tak­ing the added step of obtain­ing their val­i­da­tion to pro­vide addi­tion­al con­fi­dence in our readi­ness for the cus­tomers, clients, and part­ners that we’re for­tu­nate to sup­port.

Many com­pa­nies are seek­ing ways to bench­mark and com­mu­ni­cate their GDPR readi­ness efforts right now while they await future GDPR cer­ti­fi­ca­tion pro­grammes and codes of con­duct under GDPR.  Today, we are proud to announce that TrustArc has reviewed and suc­cess­ful­ly val­i­dat­ed Adobe’s Mar­ket­ing CloudAdver­tis­ing Cloud, and Ana­lyt­ics Cloud prod­ucts against the TRUSTe GDPR Pri­va­cy Prac­tices Com­pli­ance Val­i­da­tion Require­ments. Notably, Adobe is the first large com­pa­ny in the dig­i­tal expe­ri­ence space to receive this val­i­da­tion – high­light­ing our com­mit­ment to GDPR-readi­ness.

TrustArc CEO Chris Babel said, “We believe a strong pri­va­cy man­age­ment pro­gramme is crit­i­cal for com­pa­nies to build and main­tain cus­tomer trust and to help ensure com­pli­ance and account­abil­i­ty. Adobe has suc­cess­ful­ly demon­strat­ed that three of its cloud prod­ucts meet the applic­a­ble require­ments of the EU Gen­er­al Data Pro­tec­tion Reg­u­la­tion (GDPR) based on our GDPR Pri­va­cy Prac­tices Com­pli­ance Val­i­da­tion Require­ments.”

Looking Ahead

The pri­va­cy land­scape is quick­ly evolv­ing with new guid­ance emerg­ing from reg­u­la­tors, tech­no­log­i­cal solu­tions, and busi­ness mod­els. At Adobe, we think the best way to stay ready in this chang­ing envi­ron­ment is to:

  • Focus on build­ing “pri­va­cy-by-design” even deep­er into the prod­uct devel­op­ment process­es and com­pa­ny cul­ture. Rather than look­ing at GDPR as a one-time com­pli­ance project, let it be the foun­da­tion for a sus­tain­able privacy/data pro­tec­tion pro­gram for data life­cy­cle man­age­ment and gov­er­nance.
  • Take a user-cen­tric approach, some­thing we call “expe­ri­en­tial pri­va­cy.” This aligns with key pri­va­cy prin­ci­ples of trans­paren­cy, fair­ness, choice, and con­trol.

Both in the lead up to GDPR and over the past year, we’ve worked hard to con­tin­ue build­ing on our strong pri­va­cy foun­da­tion. We’ve spent time work­ing with our enter­prise cus­tomers to under­stand their pri­va­cy needs when it comes to our offer­ings, in the form of new prod­ucts, ser­vices, doc­u­men­ta­tion, and agree­ments. We launched ser­vices like our GDPR APIGDPR UI, and GDPR ID retrieval tag.  We are busy scal­ing and re-cal­i­brat­ing these tools to address emerg­ing glob­al require­ments, in addi­tion to the gov­er­nance capa­bil­i­ties we offer our cus­tomers, all of which are now part of what we are call­ing our Pri­va­cy Core Ser­vices.

As we con­tin­ue to nav­i­gate the ever-chang­ing pri­va­cy land­scape, lis­ten­ing to our cus­tomers and work­ing with trust­ed com­pa­nies like TrustArc has proven to be invalu­able. We look for­ward to the road ahead and to trav­el­ing with you on the shared pri­va­cy jour­ney.


Governmental Affairs, Technology
Alisa Bergman

Posted on 05-14-2019


Join the discussion