The Future of Privacy

May 20

Written By

The Future of Privacy (maybe!)Trying to predict the future of privacy is such a dangerous game! But below are some changes that I believe we will see over the coming few years:1.) Privacy legislation will spread around the world, led by GDPR in Europe, CCPA in the US and the various other legislation introduced elsewhere. Consumers are becoming more concerned over the way the business world uses their data and this will continue;2.) As the data that is collected becomes more extensive, and the use of that data becomes more widespread, the conversation about privacy will mature. Organisations will move beyond focussing merely on consent and anonymisation and start looking at governance, morals/ethics and what “should” they use data for, rather than what “can” they use data for, in conjunction with what the consumer wants them to do with their data (yes, it is their data, not your data – another major cultural change). 3.) There will be a slow cultural change as industry adopts the requirements of privacy legislation and privacy management becomes normalised. The big cultural change will be to provide consumers with transparency and let the consumer decide how and when a business uses their data, particularly for sales and marketing activities. From the Board down, the culture will change to one of “privacy by design” whereby privacy and data usage is taken for granted as a requirement and is built into everything an organisation does. Currently it is more of a “bolt-on” requirement to existing culture and processes. This will change; 4.) Over time, consumers will also come to expect that their wishes will be respected by businesses. Privacy management will become the norm, rather than the exception. And companies who don’t respect their wishes will be dropped like a stone. In comparison, companies who are early adopters of the cultural changes will become “trusted brands”. 5.) On a technical level, the future of privacy will mean backup and archiving procedures will significantly change. Today, almost everything in an organisation is backed-up or archived. Data retention policies must change as this approach is opposed to the legislation requirements which require data to be kept only where you have a clear and documented reason and use for that data. And of course, data should only be kept for the minimum period necessary. 6.) Blockchain technology is an expected emerging trend. Bart Willemsen, Senior Director Analyst at Gartner has commented “Various organizations have started exploring the use of blockchain for consent management because the potential immutability and tracking of orthodox blockchains could provide the necessary tracking and auditing required to comply with data protection and privacy legislation.” 7.) Blockchain may not develop into an emerging trend for consent management (!) Businesses looking to implement blockchain technology must determine whether the data being used is subject to any privacy laws. For example, public blockchains need an immutable data structure, meaning once data is recorded, it cannot easily be modified or deleted. Privacy rights granted to individuals include the option for customers to invoke the “right to be forgotten.” In many such cases, personal data processed about them must be deleted. This raises immediate concerns, as entries in a public blockchain poisoned with personal data can’t be replaced, anonymized or structurally deleted. Therefore, businesses are unable to meet the need to keep records with their obligations to comply with privacy laws. Organizations that implement blockchain systems without managing privacy issues by design will run the risk of storing personal data that can’t be deleted without compromising chain integrity.8.) Preference management solutions such as the Cassie Privacy Management Platform will become the norm due to the need to ensure that preferences are synchronised throughout a business’ entire infrastructure, whether that be CRM, website, campaign management. We call it a “single version of the truth” in Cassie – we then use bi-directional API’s, widgets (and file transfers if necessary) to disseminate the single version of the truth throughout the business’ architecture. So an opt-in (or opt-out) made to your call centre is then reflected in your website, your marketing systems, your CRM, etc 9.) There is a huge amount of talk currently from Apple, Facebook, Google and others about making privacy a central, guiding part of their strategy and platforms. How much of this PR and spin and how much is a real, heartfelt drive remains to be seen. Many (myself included) find it hard to see those companies putting privacy before profits. But Privacy is definitely on the agenda now – in the media, in the Boardroom and in the Consumers’ mind. That can only be a good thing!