Data Demands Respect

Acxiom has quietly made a billion-dollar business out of handling data; it's a learning experience.
But its business strategy isn't what has garnered publicity for Acxiom. The company's involvement in situations that raise privacy implications has served to remind everyone that Acxiom's business, at its core, is collecting and selling data about people.

In September of last year, a controversy erupted over JetBlue turning over customer data to the federal government. A year earlier, the airline had provided data on 1.5 million passengers to Torch Concepts Inc., a military contractor developing a system for screening visitors to military bases. JetBlue and Torch Concepts were both Acxiom clients, and Acxiom provided the military contractor with demographic data and Social Security numbers to use with the passenger list provided by the airline.

Government privacy policies lag the private sector by 10 years, Jennifer Barrett says. Acxiom provides privacy-consulting services to the government. -- Photo by Bob Stefko

Government privacy policies lag the private sector by 10 years, Jennifer Barrett says. Acxiom provides privacy-consulting services to the government.

Photo by Bob Stefko
The case has drawn Acxiom into the debate over when it's appropriate for companies to supply customer data to government agencies. Acxiom does provide data to government agencies, acknowledges the company's "privacy leader" Jennifer Barrett, though she declines to offer specifics. The company also provides privacy-consulting services to the government, Barrett says, pointing out that the government's privacy efforts and policies lag the private sector by about 10 years. "So when government agencies ask companies for data, they often haven't thought about these issues the way Acxiom has," she says. Still, government contracts account for less than 1% of the company's revenue.

Acxiom considers privacy a core competency, and providing clients with privacy-consulting services is a lucrative part of its business. It was among the first companies to create a chief privacy officer post and has nine full-time employees devoted to privacy issues, along with dedicated resources in each country where Acxiom does business. Also, Acxiom is working with several members of Congress to help shape a national privacy policy, says the company's "legal leader," Jerry Jones.

Privacy's twin brother is security, and Acxiom is working hard on that, too. The company created a security chief post in late 2003 and named Frank Caserta, a senior technical adviser in the database and data warehouse group, to the position. His job is to make sure Acxiom has a centralized, strategic view of data security and to champion best data-security practices within Acxiom and among its clients, Caserta says.

Some clients have sent teams to investigate Acxiom's data-security practices, and Caserta's first six months on the job were devoted to those audits. Since April, he has focused on corporate governance issues, studying how Acxiom identifies and mitigates security risks. He also has been meeting with his counterparts at client companies and adopting their best practices, such as using a third-party company to test Acxiom's IT-security perimeter twice a year. "Things are tighter and better, but there's always room for improvement," he says.

And room for growth. An increasingly security-conscious world is opening up new opportunities for Acxiom to provide data in areas such as employee background checks, compliance with regulations like the USA Patriot Act and the Do Not Call Registry, and fraud detection. In February, credit-data provider and Acxiom customer TransUnion LLC and Acxiom introduced a system for fraud prevention and regulatory compliance for financial-services, insurance, and telecommunications companies.

Two important growth opportunities are acquisition and global expansion. Acxiom served both imperatives earlier this year by acquiring Consodata S.A., a European consumer-database marketer, for $36.4 million; late last year, Acxiom acquired Claritas Europe, a data marketer based in Haarlem, the Netherlands, for approximately $40 million. Together, they will make up Acxiom's base of European operations.

Acxiom may have even more ambitious globalization plans. Having just returned from a lengthy trip through Asia, CEO Morgan says information systems for checking customer credit are woefully underdeveloped in China, where consumers can wait months to get approval for car loans. "You can imagine the fees," he says. "And you wouldn't believe the paperwork."

Continue to the sidebars:
"True Grid: Acxiom Outgrows Symmetric Multiprocessing"
"Acxiom's Cult Of Personality: Charles Morgan, Company Leader"
"Acxiom Privacy Leader Jennifer Barrett: A Few Questions"
and "Taking Aim At Acxiom"