David Goodman is a consultant working in digital transformation, specifically the areas of identity management and security, data protection and privacy regulation as well as emerging technologies. He has worked in senior management positions across a wide range of companies in Europe and North America from start-ups (Soft-Switch, Metamerge) to global brands (Lotus Development, IBM, Nokia Siemens Networks and Ericsson) as well as University College London. David is currently a principal consulting analyst with TechVision Research, chief evangelist with iGrant.io, a senior consultant with Trust in Digital Life association and, until recently, executive director of the Open Identity Exchange (OIX). He is work package leader for dissemination and communication in the CyberSec4Europe and CSI-COP H2020 projects, and task leader for Open Banking roadmapping and demonstrators in CyberSec4Europe. David has a BA from the University of Manchester and a D.Phil. from the Oriental Institute, University of Oxford.

Why I chose Privacy as my field: In the early ‘90’s when I was manager of the PARADISE project, a global network of X.500-based directory services, I first became aware of the impact of privacy on what later came to be referred to as identity management. Large corporates wouldn’t publish any information about their employees in the directory. Privacy wasn’t their only concern but it was the first time – for me – that the enormity of issues associated with preserving privacy raised its head: and it never went away.

At the beginning of the noughties, I had a Damascene moment when it dawned on me that the most obvious solution to many identity-related problems was for every individual to directly control or be responsible for all aspects of how their personal data could be stored, managed or exchanged.

Although it appeared obvious to me that corporate attitudes to managing personal data had to radically change, it was frustrating that it didn’t just happen the next day. Or even the day after. Progress in identity and privacy management has been glacial, but on the other hand what a transformation over the last twenty years! We are still a long way from getting to where we want to be, but the journey with its innumerable twists and turns continues to fascinate me. I look forward to the day when we can collectively say ‘job done’ and look around to figure out what to do next.

CISO Desk Reference Guide Books

Data Privacy

The Data Privacy Program Guide offers pragmatic advice to various stakeholders on how to build a privacy program that inspires trust and is aligned to organizational strategy and risk management practices of the firm while also addressing important regulations – both domestic and international – that require privacy practices that reflect and support the data subject’s or the consumer’s rights over their information.