The issue of data privacy has risen dramatically over the past few years, from a fringe concept to a major regulatory concern, particularly with the creation of GDPR. But what predictions do experts have for data privacy in 2020?
We heard from experts across the technology space about their predictions for 2020, from new regulations to emerging business practices shaping data privacy.
2020 data privacy predictions
The rest of the data privacy iceberg will begin to emerge
While regulations like Europe’s GDPR and the California Consumer Privacy Act (CCPA) have already been established, we will continue to see new regulatory developments surrounding data privacy through 2020 and beyond. Although these regulations have their inherent differences, the general scope of data privacy laws is to give consumers the right to know how and what type of personally identifiable information (PII) is collected, and the option to take legal action in the event that they should incur damages from bias or data security breaches.
Until now, most organisations have focused their efforts on structured information, but they must also be able to understand what PII is located in textual data documents. Archived data, in particular, is an especially pressing concern for most enterprises. AI-powered solutions will be instrumental in locating sensitive data and managing it through automated workflows.
Organisations will also need to establish internal data governance practices to determine who is accountable for data security and enterprise-wide policy, which may include creating teams that blend technical and regulatory expertise.
Zachary Jarvinen, head of technology strategy, AI and analytics, OpenText
Data-as-a-Service will become a growing source of revenue for big companies
The effective use of enterprise data for strategic decision making has become a key priority for all big companies in the last few years. As a consequence, companies have created high quality datasets and a sophisticated technology architecture to manage them and expose them to consumers. Companies have also invested heavily in automating their business processes for greater efficiency.
In the new year, since many big companies will now own high-value, unique data and services, the next logical step is reusing this infrastructure in order to offer them to third-parties. For instance, we are already seeing telecommunications companies selling customers geolocation data for a variety of purposes.
This trend will be significantly accentuated during 2020 in all major industries. From the investment standpoint, this will involve higher demand for the technologies involved in creating and exposing data as a service, like GraphQL, Data Virtualization and/or API management tools.
Alberto Pan, chief technical officer, Denodo
The emergence of global data standards and data-centric roles
Data bloat is only one of the challenges facing organisations in 2020. The next most pressing will be data quality and efficiency of managing it. Not all companies take the same pains to optimise their data, resulting in repositories of unstructured data that are larger and less efficiently managed than they should be.
While standards such as GDPR have started to make a positive impact on helping companies prioritise data hygiene and protection, there is no single, global framework that tells businesses how they should store, manage, classify, protect and secure their data.
It’s easy to become accustomed to the status quo, but this divergence in data practices only slows down the flow of data between organisations and forces many to waste added time and resources on data cleansing and management. Data has become the lifeblood of many sectors – we can’t afford to let it clot. That’s why we’ll see the beginnings of a concerted movement across industries to bring in legally enforceable standards for data quality. Arguably synthetic data will commonly be used as a mechanism to share intelligence without compromising the source or the subject of the data.
A single, global data standard that crosses borders remains a pipedream, but we should expect to see many industries start to entrench good data practice for their members, regardless of their country of origin or location of their customers. The penalties for non-compliance may even include fines, the loss of industry accreditation or being banned from important associations. Of course, mileage and speed will vary from sector to sector – already heavily regulated industries like banking and healthcare will likely take the lead – but any progress means better data quality and fewer data dilemmas.
The question is, who in the organisation will be charged with enforcing these new data standards? Many businesses already employ chief data officers (CDOs) and data protection officers (DPOs) to ensure their digital estate is secure and protected. However, the sheer amount of data they are responsible for, coupled with the growing awareness of data’s importance across the entire business, means we are going to see data responsibility filter out rather than become more centralised.
Rather than having a single CDO or DPO, different departments will begin to employ personnel with multiple competencies, including data expertise. Candidates with data experience in addition to the skillset traditionally expected for their role will only become more sought after as organisations hire for new hybrid roles. Other departments may take the alternate approach of hiring their own data specialist. Regardless, the time when data responsibility was passed off to IT or laid solely at the feet of the CDO will come to an end.
Jasmit Sagoo, senior director, head of technology UK&I at Veritas Technologies
A flood of data privacy regulations…
Privacy 2024 Recap – some significant decisions, slow progress for reform
The past year saw a few court decisions of note as well as halting progress toward privacy…