Organizations around the world need to focus on five privacy trends to address the challenges of protecting personal data and complying with legal requirements. According to market researcher Gartner. In a few years, data from around 75 percent of the world’s population will be subject to privacy regulations such as the European GDPR.
“This regulatory development has been the dominant catalyst for the operationalization of privacy,” said Nader Henein, VP analyst at Gartner. “Since most organizations do not have a specific privacy practice, the responsibility for operationalizing these requirements is transferred to technology, more specifically cyber security, under the umbrella of the CISO office.”
As privacy regulation (political and governmental) expands across dozens of jurisdictions over the next two years, many organizations will see the need to begin their efforts for privacy programs now. In fact, Gartner predicts that the average annual budget for large privacy organizations will exceed $ 2.5 million by 2024.
Gartner identifies five privacy trends that support organizations’ privacy practices, as well as facilitate business decision makers.
1. Data localization
In a borderless digital society, it seems counterintuitive to monitor the country where the data is located. However, this control is a direct requirement or a by-product of many new privacy laws.
The risks of a cross-country business strategy drive a new approach to cloud design and procurement across all service models, as security and risk management managers face an uneven regulatory landscape with different regions requiring different localization strategies. As a result, data location planning will become a top priority when designing and procuring cloud services.
2. Computational techniques that strengthen privacy
Data processing in unreliable environments – such as the public cloud – and sharing and analyzing data from multiple parties has become fundamental to an organization’s success. The increasing complexity of analytics engines and architectures does not require vendors to adopt a fixed approach, but instead requires vendors to include an urban design privacy feature. The prevalence of AI models and the need to train them is just the latest addition to privacy issues.
Unlike commonly used security controls for dormant data, Privacy Enhancement (PEC) protects data in use. As a result, organizations may implement data processing and analytics that were previously impossible due to privacy or security issues.
Gartner predicts that by 60 percent, large organizations by 2025 will use at least one PEC technology in analytics, business intelligence, and / or cloud computing.
3. AI management
A previous Gartner study found that 40 percent of organizations had an AI-induced privacy breach, and only one in four of those breaches were malicious. Whether organizations process personal data through an AI-based module integrated into a vendor offering, or a separate platform managed by an in-house data science team, the risks to privacy and potential misuse of personal data are clear.
“Much of the artificial intelligence used in organizations today is built into larger solutions, with little overview to assess the impact on privacy,” Henein said. “These built-in AI features are used to track employee behavior, assess consumer confidence, and build ‘smart’ products that learn on the go. In addition, the data entered into these learning models today will influence decisions made years later. “When AI regulation becomes more entrenched, it will be almost impossible to solve toxic data ingested without an AI management program. IT managers will have to wipe out the systems as a whole, at great cost to their organizations and their reputation.”
Centralized Privacy UX
Increased consumer demand for subject rights and increased expectations for transparency will drive the need for a centralized privacy user experience (UX). Forward-looking organizations understand the benefit of consolidating all aspects of privacy UX – messaging, cookies, consent management and subject matter management – into one self-service portal. This approach provides convenience for key components, customers and employees and provides significant time and cost savings.
Gartner predicts that by 2023, 30 percent of consumer organizations will offer a self-service transparency portal for preference and consent management.
5. Remote control becomes ‘hybrid everything’
As engagement models in work and life become hybrid, both the possibility and desire for increased tracking, monitoring and other personal data processing activities increase, and the risk to privacy becomes paramount.
With the privacy implications of a fully hybrid set of interactions, productivity and job satisfaction have also increased across industries and disciplines. Organizations should have a people-centered approach to privacy, and monitoring data should be used minimally and with a clear purpose, such as improving the employee experience by eliminating unnecessary friction or reducing the risk of burnout by identifying wellness risks.