In our ever-connected world ... the amount of data available to cultivate just the right messaging for our clients is immense. It is important for IPG to continue to nurture our growing culture of privacy and data protection not only because of robust legal compliance requirements, but because being responsible data users is core to our values.

Andrew Bonzani, IPG Executive Vice President & General Counsel

Management of Information Security, Data & Privacy

IPG has made significant investments in privacy leadership, creating high-level roles at several of our companies and an IPG Corporate Privacy Office led by the Global Chief Privacy Counsel. Several entities have responsibility for IPG’s efforts in information technology security, data protection and privacy. These include IPG’s: Chief Information Officer; Chief Information Security Officer; Global Privacy & Data Protection Team; specialized steering committees; and a network of Privacy Champions across our companies.

Industry Initiatives

IPG companies are active participants in several industry initiatives focused on advancing data privacy, including: International Data Privacy Week, I-COM Data Ethics Council, and the Digital University for Regulator series. 

IPG companies are also affiliated with several organizations addressing privacy and information policy, including:

  • Privacy for America – Steering Committee
  • The Information Accountability Foundation
  • The Center for Information Policy Leadership – Advisory Board
  • The Future of Privacy Forum – Advisory Board
  • Global Privacy Assembly
  • International Association of Privacy Professionals (IAPP) – Education Advisory Board
  • Global Privacy Alliance
  • Business Roundtable – Privacy Working Group
  • Association of National Advertisers (ANA) – Ethics Review Committee

Policies Supporting Data Ethics & Privacy

The IPG Code of Conduct applies to all our companies and their employees, and expresses IPG’s respect for individuals’ privacy, underlining the duty to protect personal information (PI) in accordance with applicable privacy and data protection laws wherever IPG conducts business.

Several other policies and guidance documents are in place to support IPG employees and companies in fulfilling our commitment to transparent, accountable and ethical data use to power our marketing intelligence services.

IPG utilizes internal and external audits alongside various other measures and metrics to track compliance with policies and identify opportunities for improvement.

Additional Policy Topics

IPG has additional internal policies and procedures covering the following topics:

Incident Response

Information Security

Data Classification

Cloud Security

Access Controls

Remote Access

Acceptable Use of IPG Information & Systems

Information Exchange & Electronic Communications

Internet of Things (IoT)

Social Media

Employee Training & Awareness

Employee training on data protection and information security is covered in our mandatory annual Code of Conduct training. In 2022, IPG had a 96% completion rate for this employee training on data protection and information security.

Additionally, employees are trained in this area for example, simulated phishing attacks. If an employee fails these exercises, they receive additional training, and repeated failures are addressed by managers through performance reviews or other means.