UM, an IPG Mediabrands global media agency, appointed Arielle Garcia as its first chief privacy officer. She previously was VP of business operations and compliance for UM's ExxonMobil and Accenture accounts.

In her new role, Garcia will spearhead IPG Mediabrands' Privacy Taskforce as well as oversee the launch and implementation of UM's privacy program. The program, according to the agency, will involve setting a strategy for navigating new digital privacy laws (such as the U.K.'s General Data Protection Regulation and The California Consumer Privacy Act); developing policies and procedures around them; and educating and training employees and clients on how to collect and share online consumer data ethically.

UM says Garcia will provide guidance to both internal teams and clients on all privacy-related matters as well as build out the agency's consulting services "around privacy, trust and brand safety."

GDPR in the U.K.—a first-of-its-kind law that gave citizens control over how their data is collected, used and handled—went into effect in 2018. While CCPA was signed into law by the state of California in 2018 and took effect in January of this year. CCPA allows consumers to know what data companies are collecting on them, why they are collecting it and who they are sharing it with. It also provides a path for consumers, as well as the California attorney general, to sue companies if they experience a data breach.

The laws haven't been without pushback. Tech giants Google, Facebook, Amazon and Microsoft, as well as trade bodies like the Data Marketing Association and Interactive Advertising Bureau, tried thwarting CCPA. The 4A's has also pushed back on the California bill, arguing that it carries "ambiguities and internal contradictions, making compliance obligations a complex challenge."

UM's position is not to fight the laws, but to accept them.

"The advice we're giving is to embrace the regulations," says Joshua Lowcock, U.S. chief digital and global brand safety officer of UM. "The public attitude towards privacy has changed and that's something we need to embrace, adapt to and really lean into."

He adds, "This is bigger than digital. The way we approach brand safety and privacy is not just about our digital partners; this is about every media partner we work with."

Lowcock says UM predicts the next phase of "brand safety challenges," and something he's been advising clients on, is the way in which news organizations collect consumer data. He says their sometimes unethical practices pose "just as much risk" as the "inappropriate placement of ads. It's very clear that companies that collect data in unethical ways should not be part of the advertising ecosystem," Lowcock says.

IPG Mediabrands recently released 10 "media responsibility principles" to help "balance brand safety and brand responsibility in advertising." The principles called for partnering with media companies that "foster balanced, constructive discourse and respectful civil commentary"; that "protect people from harm"; that "demonstrate that they celebrate all forms of diversity"; and that "collect and use data in ways that are ethical, accountable and fair," among other guidance.

Lowcock says Garcia is the right person to shepherd UM's digital privacy program, pointing particularly to her background in law. Garcia received her Juris Doctorate from Fordham University's School of Law. She has been with UM for the past seven years, leading operations and compliance across 23 markets for ExxonMobil. Garcia will continue to oversee operations and compliance for that business in her new role.

“Arielle has played a key role in cementing UM’s standing as the industry leader in privacy and brand safety,” UM U.S. CEO Lynn Lewis said in a statement. “Given her extensive work in a critical space that continues to grow and define our industry, Arielle will be on the front lines of the dialogue and debate around privacy-related developments and trends while driving a ‘culture of compliance’ for our agency, clients, partners and the industry at large.”