21st Century Fox

Fast Facts


Customer Name

21st Century Fox

Size

Enterprise

Industry

  • Media & Publishing

Region

  • EMEA
  • Global

Key Regulations

  • ePrivacy
  • GDPR

Products

  • Data Mapping Automation
  • Universal Consent and Preference Management
  • Consent Management for Publishers
  • PIA & DPIA Automation
Download PDF

21st Century Fox: Leveraging OneTrust for Privacy Compliance


21st Century Fox (21CF) is one of the world’s leading media companies. With a global portfolio of cable, broadcast, film, pay TV and satellite assets spanning six continents across the globe, 21CF properties reaches nearly two billion subscribers each day. Fox, National Geographic, Fox News, Twentieth Century Fox, FX and Star India are all brands under the 21CF portfolio.

Like many companies in the ever-changing media landscape, 21CF is too evolving from a traditionally business-to-business operation into a more direct-to-consumer business model. Data-driven insights are incredibly valuable to delivering 21CF content to the right people at the right time, but can cause data protection concerns.

“OneTrust is a real one stop shop for privacy. I can’t understate the importance of using a tool instead of doing it by yourself. You may need to invest more on the front end, but the work more than pays itself back in the end.”
Fabrizia Giacomini
VP Associate General Counsel of EU Data Protection

21CF took a proactive approach to its privacy program to assure its consumers that they have the policies and procedures in place to protect their data. Two years before the 2018 deadline, 21CF hired Fabrizia Giacomini as its VP Associate General Counsel of EU Data Protection to get the company GDPR ready.

A simple tool to solve a complex business challenge

21CF is a complex, multinational organization, according to Giacomini, and ensure data protection across various regions and global privacy regulations was an initial challenge to compliance. 21CF took a risk-adverse approach to its privacy program. Even in cases where GDPR may not be a requirement (based on region or number of employees), 21CF chose to implement the most privacy-focused approach.

“We chose OneTrust to help with the complexity of our business,” explained Giacomini. “We wanted to ensure we were doing all we could to meet GDPR requirements, and OneTrust helped.”

Giacomini first heard about OneTrust at an International Association of Privacy Professionals (IAPP) conference. After evaluating a number of tools, she chose OneTrust.

“I found OneTrust to be so intuitive and easy to use, even for a lawyer like me!” she said. “Privacy Champions across the company using OneTrust have confirmed my view. The tool is always improving and changing as regulations are being interpreted so I can rely on the tool to support our continuing compliance.”

Building a privacy management program to scale

To get started, Giacomini created a network of internal privacy champions in specific 21CF’s operating countries. Together with DLA Piper, the law firm assisting 21CF with GDPR implementation, they customized the OneTrust environment to meet the needs of the organization and structure.

With the OneTrust environment set, 21CF inputted data into the system and began sending out assessment automation queries and data mapping questionnaires to various business units across the company. The network of privacy champions helped evangelize the process across the organization and increase response times. With this information, Giacomini was and continues to be able to identify risks and mitigate data protection gaps within the company.

Looking forward to ePrivacy and marketing compliance

As 21CF looks beyond GDPR into other global privacy laws like the ePrivacy Regulation, Giacomini and her team plan to leverage other OneTrust modules for marketing compliance.

“Consent tracking is the next mission for our websites and any product or service where there is a web form,” she said. Marketing compliance is a major priority for the business, and Giacomini can leverage OneTrust Universal Consent to track marketing consent for compliance.

Also on the list is OneTrust Cookie Compliance and Website Scanning. “We already love the cookie tool and are just waiting for development and progress with the ePrivacy pieces of regulation for our final decision on cookies,” said Giacomini.

From assessment automation, to data mapping, to DSARS, to universal consent and cookie compliance, Giacomini is able to bring all the aspects of a GDPR-compliance program together into one tool with OneTrust.

“My goal has been to have everything in one place,” she said. “OneTrust is a real one stop shop for privacy. I can’t understate the importance of using a tool instead of doing it by yourself. You may need to invest more on the front end, but the work more than pays itself back in the end.”