From implementing up-to-date privacy practices across the organization to handling a high number of data subject requests, a DPO has to overcome many challenges to succeed.

Ron De Jesus, Chief Privacy Officer of Grindr, was recently named one of the top DPOs to follow in 2022 by the tech and privacy community. Ron frequently attends privacy-related events and conferences. He teaches privacy certification courses and co-wrote IAPP’s Privacy Program Management textbook. We invited Ron for an interview to talk about Grindr’s latest efforts to protect their users’ safety and privacy (such as their “Holistic Security Guide” and other new privacy features) in light of recent news about the app.

How did you get into the privacy field? What inspires you about this industry?

I wasn’t necessarily in pursuit of a career in privacy post-undergrad, which I think is true for many privacy professionals who started in this industry in the early 2000s. My start in this field began in 2005, when privacy was still a relatively new area of compliance, and I was fortunate enough to land a position with a boutique privacy consultancy based in Toronto that did some really groundbreaking work, including on the Privacy by Design principles pioneered by Dr. Ann Cavoukian. A lot of my first projects focused on assessing privacy programs against Canadian privacy laws and regulations. 

While not a lawyer, I realized that I was fairly good at understanding and interpreting legal requirements and translating them into a pragmatic direction for technical and other business functions. It was this realization, along with the increasing need for privacy professionals in general, that inspired me to continue pursuing a career in privacy. And it’s the complex compliance challenges privacy professionals deal with every day that continues to keep me inspired.

Can you provide tips for starting a career as a privacy professional? What are the skills required to make an impact?

First, I’d like to emphasize that you do not need to be a lawyer to start a career in privacy, and I think this is true given the growing number of privacy roles that focus on more operational, auditing, broader compliance, and even engineering experience. Possessing excellent project management and interpersonal skills is key because you’re constantly liaising across functions and building relationships with folks across the entire organization at all levels. Privacy certifications are also becoming increasingly critical - you’ll see a lot of job descriptions that now include them as required qualifications. These certifications are important because they demonstrate that you understand core privacy concepts and have made investments in your career. So my pro-tip would be to look into certificates offered by organizations like the International Association of Privacy Professionals (IAPP). I actually teach courses on the Certified Information Privacy Manager (CIPM), and my students have overwhelmingly found the certification advantageous.

The privacy community around the world is incredibly diverse and inclusive. How would you explain that?

That’s a keen observation, and I agree. I think we can attribute some of this to the fact that marginalized communities likely consider privacy a critical human rights issue in need of defense. 

As a privacy professional who is both a minority and part of the LGBTQ+ community, I find my work in this field extremely fulfilling, especially for a company like Grindr that is itself so diverse and inclusive and that serves a marginalized population.

How does Grindr address the specific privacy needs of the LGBTQ+ community?

We’re acutely aware of the privacy issues that affect the community we serve, especially when in certain parts of the world, LGBTQ+ people are subject to laws against homosexual expression and, in some jurisdictions, can be punished with the death penalty. 

In addition to existing in-app controls like screenshot blocking, allowing users to hide their distance and profiles from searches, and in-app blocking and reporting functions, we’ve developed a Holistic Security Guide that educates our users on safety both on and off the app. And our program “Grindr for Equality'' collaborates with local LGBTQ+ advocacy groups around the world, using the app’s global reach to deploy health and safety information, including to LGBTQ+ people facing particular hardships. 

Thanks to the app’s geolocation technology, Grindr for Equality can connect users with information and resources of particular need and interest to their local community.

In terms of privacy and data protection, what are some of the steps Grindr takes to support user privacy?

Grindr takes privacy extremely seriously, and I’m proud of the work we’ve done and continue to do collectively as a company to protect our users and their personal information. Respecting user privacy is at the core of everything we do, whether it be pushing every new feature through a robust privacy review process or conducting regular audits of what we share with our third parties. We also strive to be industry-leading in our transparency with our users in terms of our data collection and processing practices. This includes regular updates to our privacy policy or implementation of “just in time” privacy notices in our app that educate and inform our users about new features and how they can control their data. Last year, we rolled out a number of new privacy features, including our “Access & Portability” tool that fully automated DSAR (data subject access rights) for all users globally (not just users in the EU and California). More recently, we launched an “Albums” feature that was built with user privacy at the forefront, providing them with more control over who has access to their photos. And I’m in constant dialogue with our Product and Engineering teams to find ways to build new and fine-tune existing privacy controls for our users. I’m grateful to work with folks who are so passionate about protecting and serving this community.

Let's end with a personal note. Do you regularly delete digital accounts or apps that you are not using anymore? 

Of course — I actually do practice what I preach!

—
Read more about our Top DPOs 2022 project here.