But about 20 percent of the corporate privacy leaders who responded said they don't use any outside help on privacy issues. Either they saw no need for it or had been burned by bad experiences. "I'm not impressed" with the Big Four auditors, said one Fortune 100 CPO, while another stated, "They come to us for advice more than we go to them." There was a common perception among this group that current CPOs have more expertise than outside consultancies. So they tend to participate in forums where CPOs collaborate, such as Hunton & Williams' Center for Information Policy Leadership and the Ponemon Institute's Responsible Information Management Council.

The Outlook for Privacy Consultancies

So, what's the future of privacy consulting? Is it just a fad, like the bubble of business process re-engineering consulting in the 1990s, or is it here to stay? To get at that answer, you need to look at what's currently driving the market for hired privacy guns and ask if these factors are changing.

First and foremost, it's all about legal compliance. Within the past five years, new privacy laws have papered the industrialized world, and multinationals are searching for help to sort out their compliance plans. I see the next five years bringing more refinements and extensions of existing privacy laws that will only increase the number of variances between state, federal and international privacy standards. Variance means that global companies will have a harder time complying. As a result, some of our experts don't see any letup in the lawyering. "Privacy used to be a quirky little niche," Boschee says. "But not anymore. Privacy's on the table now for mergers and acquisitions, marketing initiatives, outsourcing, cross-border deals--you name it."

Halpert echoes this sentiment: "Companies can't avoid privacy law these days, and lawmakers impose new regulation almost every year."