As we break into a new decade and begin a new period of emerging and maturing privacy regulations, our experts have assembled a list of predictions for the privacy landscape in 2020.
Discover what they mean for you and your privacy team below.
1) Privacy compliance strategies will shift from regional to global, unifying best practices for personal data protection.
In a recent IAPP study, over 40% of respondents reported that their organisations were working to comply with between 2 to 5 different privacy legislations simultaneously. Meanwhile, another 13% are already working to comply with 6 to 10 regulations. This has resulted in an increasing need for global privacy strategies and tools that enable fuller processing awareness, along with more scalable data mapping and granular reporting.
2) Companies will continue ditching spreadsheets in favour of dedicated software as privacy management increases in complexity.
When GDPR came into enforcement in 2018, many companies were caught off-guard without digital tools designed to effectively manage privacy. In just two quick years, privacy tech vendors have increased in number while further developing their solutions to keep pace with emerging legislation. With the added pressures of multiple privacy regulations, businesses will no longer be able to manage their processing of personal data without software that is purpose built to manage modern privacy compliance.
3) Third party risk management will continue to dominate among risk calculation and mitigation practices.
Under new privacy regulations, data controllers are responsible for the processing activities of the vendors they use. In practice, this has meant lots of time being devoted to vendor risk assessments. Now, companies will increasingly require tools that feature simple ways of conducting, customising, and actioning risk assessments to maintain privacy compliance long-term.
4) Privacy will become an even more significant part of company and product positioning.
With large software and technology vendors like Microsoft and Apple openly embracing data protection and consumer privacy rights, more companies will undoubtedly move to position themselves as leaders in data protection to increase consumer trust. For many companies in other industries, this is also an opportunity to market and communicate strong stances on data protection as a way to build a uniquely-positioned brand in the 20s.
5) Privacy will continue to draw increased attention of boards across the globe.
By some estimates, the average cost of non-compliance with data protection legislations can reach upwards of $15 million. For many an executive board, the increasing financial risks of non-compliance, along with reports of a back-log of cases already on-file with data protection authorities means that boards will continue to recognise the need for action on privacy compliance.