Universal security and privacy automation
Protect data and manage risk
Analyze conversational chat data
Reduce the time and cost to comply
Self-service without friction or delay
Align data protection and business use
Tailor access controls and data privacy
Flexible, consistent, scalable
Automate actionable compliance steps
Who we integrate with
Our professional services
Power responsible use
From clinical to commercial
Optimize data tests
Open new revenue streams
Realize the potential of the cloud
Protect data from misuse
Transform your data
Opinion and industry insights
An A to Z of the industry
The podcast for data leaders
Press releases, awards, and more
Staying at the cutting edge
The team behind Privitar
A thriving partner ecosystem
Our story, values, and careers
Dedicated customer assistance
Dec 20, 2021
In 2021 we saw significant efforts to close the implementation gap – this is the gap between legal requirements (often expressed as high-level principles) and operational decisions. Regulators and industry bodies, among others, sought to clarify how organizations should operationalize the high-level principles in data protection principles and laws. For example, the UK’s Information Commissioner’s Office (ICO) launched a consultation on updated guidance on anonymization and the Enterprise Data Management Council, an industry body with 250+ members, developed their Cloud Data Management Capabilities Framework, an industry standard framework. We’re also seeing increasing recognition of the need for specific advice for sectors or technologies to complement the broader data protection regime. For instance, the ICO’s data protection in AI framework or the CDEI’s guide to adopting Privacy Enhancing Technologies (PETs). We expect that this trend will accelerate in 2022. We’ll see greater use of sector-specific case studies and industry-led initiatives to define and document best practice. These will help increase an organization’s confidence that it is fully compliant.
Conversations about “trust” dominated in 2021. Organizations continued to invest heavily in compliance programs, and we started to see market leaders looking beyond compliance to embed responsible or ethical data use as a top priority. Organizations increasingly recognize that data use can cause harm to individuals. For example, this may occur if an unfair or biased model is used to support decision making. Initiatives to ensure responsible data use are starting to emerge as an essential element of an organization’s corporate and social responsibility agenda. We expect this trend to continue into 2022 and beyond, as organizations develop internal processes and workflows to embed responsible data use. We believe that processes and workflows are critical to ensure a consistent approach, at scale, across all of an organization’s data assets.
Debate around enforcement continued in 2021. Challenges around the “lead supervisory authority” and the consistency mechanisms in GDPR (mainly Articles 60 and 65) mean that national regulators have struggled to hold global companies accountable. For example, the Irish DPC’s ruling on Whatsapp revealed significant differences of opinion.
Resource constraints are also a significant challenge for regulators. We see signs that this may be starting to change, including: (1) in the US, the launch of California’s privacy regulator to enforce CPRA and the potential for significant new funding for the FTC; (2) pressure on European regulators to up their game in related domains (for example) the Italian competition regulator’s fine against Amazon; and (3) the UK courts closing down class action claims for damages arising from the “loss of control” of personal data (for example, in Lloyd v Google). Closing this legal avenue could put more pressure on the ICO to act in defense of individual rights. Action on “loss of control” of data could be significant in the context of the ICO ramping up work on ad tech: the profiling and data collection fueling targeted advertising may use data in unexpected and unwelcome ways. Will 2022 be the year that regulators take enforcement up a notch?
Sorry, no posts matched your criteria.
Our experts are ready to answer your questions and discuss how Privitar’s security and privacy solutions can fuel your efficiency, innovation, and business growth.