Ross Webster is based in the UK with over 20 years of experience in the digital media, ad tech, AI, and data space. He currently helps data-driven technology businesses, particularly in the publishing and ad tech industry, successfully navigate privacy regulatory compliance. As well as providing strategic advice and practical privacy solutions balancing commercial objectives, marketplace configuration, and technical constraints.

Previously, Ross was a Managing Director at Foursquare (Factual) in Europe, where he was responsible for privacy policy, data supply & demand, and enterprise revenue for location data solutions. 

Prior to this, Ross was Head of Data Partnerships for Watson Advertising/IBM in Europe, working on AI, blockchain, and data management within the programmatic advertising space. Before the IBM acquisition, Ross was the Managing Director of ‘Rest of World’ Revenue of The Weather Company, where he managed the operations across Europe, and was responsible for revenue generation for both media and data products.

We interviewed Ross to learn from his experience in the data privacy industry.

What does data privacy mean to you personally?

Privacy & data protection should not be a zero-sum game.

‘Governance’ has negative connotations. Executives see governance as a compliance function, as a cost center, creating friction & delay in time-critical business decisions rather than revenue enablers. I am an advocate of generating positivity around privacy that can build trust in brands and create tangible benefits. As a business, there is an opportunity to differentiate, to establish a firm competitive advantage by being proactive about privacy in all spheres – vendor selection, product design, customer data, employee data. The digital industry, in particular, suffers from a lack of transparency, opaque practices, & a widespread lack of due diligence around privacy beyond basic compliance with paper regulations.  

There is a coming sea-change in attitudes around privacy. Customers, investors, consumers, employees & regulators are starting to demand better privacy practices. As these expectations increase, many businesses are still looking at privacy compliance as a box-ticking job, but there is a competitive advantage to leading through better privacy governance.

Do you use encryption tools or secure communication methods (e.g., encrypted messaging apps) to protect your data?

I generally do. However professionally, I often need to put my head in the lion's mouth to ensure I am cognisant of the issues. There is no way I would have signed up for TikTok without a professional interest….it’s not a place for a middle-aged man to be. I have stopped using some messaging apps that I felt weren't secure, employing dark patterns, or were not transparent about their security.

Do you usually read the privacy policies of websites or apps before using them?

To be honest, I generally rely on the summaries of those dedicated experienced professionals who do read them.  This illustrates the problem; I am right behind any effort to make privacy T&Cs more transparent, using simple language and illustrative graphics that can be understood by anyone. I have a healthy skepticism of Big Tech and Social Media platforms, so I am mindful to ensure I am aware of their dark behaviors.

Professionally I do need to read privacy policies, notices, and CMPs to understand where the market is moving. 

What do you think are the biggest challenges in protecting data privacy in today's digital age?

Artificial Intelligence represents a fundamental change in how we all will lead our lives. Along with all the societal positives that AI offers, we must be cognisant that the awesome & virtually unlimited processing power of AI represents a real threat to everyone’s privacy. AI will be iconoclastic. Governments, organizations, and individuals are going to think very hard and creatively about how to react to the challenge.

How did you come across the Yes We Trust community? Any particular article or news that comes to your mind from the community?

I believe that good privacy can lead to constructive outcomes for businesses and consumers alike.

When I started my own investigations, I was looking for quantitative evidence that proved that privacy compliance could be a positive for businesses. The Didomi & Securys “Privacy Made Positive” initiative resonated with me. The Kantar research they presented demonstrated the correlation between good privacy, transparency, and good business outcomes. 

What advice would you give to individuals looking to enhance their data privacy awareness and practices?

Many companies run a hub-and-spoke, hybrid privacy model. So whatever your full-time role, put your hand up to take on more privacy responsibilities within your department, and take the opportunity to work with privacy experts. If your business is relatively immature around privacy compliance, you can volunteer to be the business DPO or De Facto DPO wherever you work within the organization.

Do you have any recommended resources (books, websites, organizations) for those interested in learning more about data privacy?

There are so many online resources, that it can be a bit overwhelming. 

There are some great generic learning tools on LinkedIn Learning and YouTube.   

IAPP & The Privacy Whisperer are great websites to keep up to date with the news and key issues. They both publish newsletters, as does the fabulous Lucid Privacy Group, Alison Schiff at Adexchanger is worth following as well. There are many great privacy commentators on X and LinkedIn.  For example @lucidprivacy, @oschiffey, @EFF, @JulesPolonetsky, @PrivacyInt, @privaCMac, @robertjbateman and @LuizaJarovsky to name a few.

Podcasts are also a great way of keeping up. I would recommend Luiza Jarovsky’s The Privacy Whisperer, as well as Debbie Reynolds’ The Data Diva.

Being based in the U.K. and having worked with global brands, how are you seeing the global data privacy landscape evolve in the coming years? (Brexit, prospects of a U.S. federal law, etc.). What do you believe will be the biggest data privacy challenges or opportunities?

Evolution in the privacy landscape is being driven by changes across 4 main areas: regulation, technology, new data solutions, and public opinion.

If you think it is chaotic now……just wait. Change around privacy is going to get a lot faster and a lot more complex. The challenge will be for businesses to run a compliance privacy program without suffering from ‘privacy whiplash’ in the face of this constant change.  

The importance of a proactive program, utilizing Privacy by Design protocols, will become essential. Privacy can’t be an afterthought, it’s got to be baked into the business values and processes. 

Where can we follow you online? 

X (Formerly Twitter):  Here - Mainly privacy (with a bit of West Ham & occasional weather).

LinkedIn: Here - Privacy & digital media.

I am also a contributor to New Digital Age as well as to the weekly Lucid Privacy Bulletin.