Trends in Data Privacy

Data privacy is the data protection of sensitive data such as personal information and other confidential data. In an ideal world, the sharing of such data would be fully in control of the person from whom such data originates however, in today's interconnected online environment, it seems no longer possible for this to be accomplished. In positive terms, we speak glowingly of the transparency that the internet have brought us but in negative terms, it is simply an invasion of privacy. Moving forward, how will this monumental challenge be tackled? Here are the 3 key trends in Data Privacy:

1. Increased Global Regulations - The enforcement of the European Union's General Data Protection Regulation (GDPR) is followed in quick succession by California's Consumer Privacy Act, Brazil's General Data Protetion Law (LGPD) and a string of Asian data privacy initiatives suggest that around the world, there is a growing focus on data privacy, Gartner Inc.'s report also expect that by 2023, at least 65% of the world's population will be covered under modern privacy regulations. This suggests that globally, enforcement of data privacy regulations will only increase.

2.  Greater Awareness - To understand the greater awareness of corporations, one must first look at the increasing repercussions and clamp downs on corporations who flout such laws. In just the beginning of 2021, GDPR fines have been estimated to be around 292 million Euros, with even big corporations like Google, British Airways and Mariott falling foul of the increased regulations. On the end of the consumer, greater publicity on data privacy infringements such as the Cambridge Analytica-Facebook scandal have increased public awareness on this issue as well. In fact, consumers have even shown themselves to be willing to forego popular platforms to protect their personal data, as witnessed in the case of Whatsapp updating its privacy policies.

3. Focus on Third Party Risk Management - The GDPR has enhanced current obligations of organizations to vet the third parties they work with, with a requirement of them to be subject to third party partner evaluations and agreements. Gartner Inc.'s evaluations have shown that despite a heavy reliance on third parties, only 35% of organizations consider their third-party risk management to be effective. In 2020, the Court of Justice of the European Union (CJEU) invalidated the Privacy Shield Agreement, protecting corporations from third party leaks of citizen data. Such movements suggest that third party risk management would be a key focus of corporations moving forward.