OneTrust, the heavily funded data privacy, governance, and compliance company, has acquired DocuVision, an AI-powered platform used to find and redact sensitive data in large volumes of documents and emails. Terms of the deal were not disclosed.
The acquisition represents the first notable activity from Atlanta, Georgia-based OneTrust since its recent $300 million raise, which valued the company at more than $5 billion.
Businesses have fallen under increasing scrutiny and pressure to comply with a growing array of data privacy regulations, including GDPR in Europe and CCPA in California, while any enterprise wishing to be taken seriously by potential clients must demonstrate an ability to safeguard all manner of private and confidential information.
Founded in 2016, OneTrust is one of many startups that have emerged to capitalize on the demand for data privacy tools, both for regulatory compliance and customer peace of mind. The company offers a self-assessment tool that helps its customers see how close they are to complying with legal frameworks such as GDPR, as well as “data mapping” to show companies how data is flowing through the organization and across borders. Throw into the mix a suite of products for marketers, such as cookie compliance, consent management, and breach response tools, and it’s clear OneTrust has been bolstering its arsenal of automated smarts to cater to the burgeoning $80 billion data privacy market.
Founded out of Berkeley, California in 2019, Docuvision serves companies with tools to automatically discover personally identifiable information (PII), such as names, social security numbers, and potential passwords. With its Redacted.ai product, companies can automatically redact more than 100 different types of personal information, including signatures, logos, and images of faces — which is what OneTrust is essentially buying.
Alongside the acquisition news, OneTrust announced that it has launched a new integrated product that builds on its existing capabilities — called OneTrust Data Redaction — aimed at privacy, legal, and information security departments. The company said it has created the “first fully automated data subject rights (DSAR) workflow, including intake, ID verification, discovery, redaction, and secure response,” according to a press release.
This means a customer who requests access to their data under a right-of-access stipulation can do so more quickly, as the business can safeguard other non-relevant PII contained in the document by automatically redacting it rather than manually poring over pages of text. It also helps enterprises support any number of use cases, such as litigation, freedom of information (FOIA) requests, and merger and acquisition disclosures. Redacted.ai also has an API, which means it can be integrated into third-party cloud platforms such as AWS, OneDrive, SharePoint, Dropbox, and Google Drive.
A number of startups have taken an API-based approach to monetizing data privacy, including Skyflow, which recently raised $17.5 million to develop its cloud-native “data privacy vault” that enables developers to build applications and workflows without having to worry about data privacy themselves. Meanwhile, Ubiq Security has created an API-based platform for developers to integrate encryption into their apps.
VentureBeatVentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact. Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:
- up-to-date information on the subjects of interest to you
- our newsletters
- gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
- networking features, and more