Ruth Hill Bro
Ruth Hill Bro chairs the Section’s Membership and Diversity Committee and served as the 2008–2009 Section Chair. She can be reached at email@example.com.
1. What career path led you to your current position (and are you a lawyer)?
One thing I have noted over the years in working on privacy is that there are many paths to becoming a privacy professional. My path to privacy was via a business degree in my home country of New Zealand followed by time in the manufacturing and services sectors working on quality assurance and risk management. In 1999, while working in a global consulting organization in the United Kingdom, an opportunity arose to move to the United States and provide privacy consulting services. I took that opportunity, which ultimately led me to my current position at Microsoft.
2. What is the name of your department, and where is it positioned within the organization (do you report to the GC, CEO, CIO, etc.)?
Privacy at Microsoft is positioned within a corporate group named Trustworthy Computing (TwC), which reports to Microsoft’s Chief Research and Strategy Officer. Trustworthy Computing began in 2002 as a company-wide effort to increase the security, privacy, and reliability of the computing experience for all. Trustworthy Computing is now a company tenet and has an impact across the technology industry.
3. How many people in your organization are tasked with some aspect of privacy compliance, and what are their job functions? Consider direct reports and budgetary responsibility, as well as those outside your group.
The privacy effort at Microsoft is fortunate to have the strong support of its senior business leaders in allocating resources for managing privacy, and we now have more than 40 full-time privacy professionals. About half of these people are within TwC, and the others are distributed across our product and service divisions, our largest subsidiaries, and our Legal and Corporate Affairs group. In addition to these full-time privacy professionals, we have an estimated 400 more with formal privacy responsibilities as a part of their role.