Today, there are more than 125 countries that have some form of privacy laws for the protection of data and privacy.
Signifying a landmark in the evolution of the country’s regulatory framework, the UAE joined Saudi Arabia in enacting the Personal Data Law in December.
Since the General Data Protection Regulation (GDPR) came into force in 2018 as the most forward thinking and extensive legal provision for the protection of personal data, several new data security laws around the world were enforced, including the California Consumer Privacy Act (CCPA) in 2020.
This year, in the EU, the Digital Services Act (DSA) and the Digital Markets Act (DMA) that seek to limit the power of global internet firms on the European market could be adopted as early as the first half of 2022. Tech giants including Google, Apple, Amazon, Meta and others could face hefty penalties for violating the rules.
GDPR has set the standard and has shaped the trends that dominate this sector today, as privacy laws continue to evolve and develop to ensure personal data protection across all use cases and situations.
In 2022, pressure will be on tech companies, especially those collecting personal information. We can expect many countries to draft regulations, as compliance will demand an ability to know what data companies have, how they store personally identifiable information, and who has access to it.
Enterprises now understand that data governance is not a mere checkbox in vendor solutions. This year, we are expecting an acceleration of building up an ecosystem of data governance platform providers, computing vendors, and platform vendors aligning around delivering data governance capabilities to drive usage and adoption.
As organisations of all sizes become increasingly data-driven, we will see growth of platforms and tools that simplify ethical and responsible use of data. For example, recently Privacy Dynamics launched a SaaS application that can anonymise thousands of records per second with the click of a button. Previously, data and analytics teams anonymising data would build manual transformations in SQL, which was time-consuming and required a level of legal expertise that few employees possess. Privacy Dynamics allows data scientists and non-technical users — including marketers, analysts, sales reps, and finance workers — to quickly access compliant data on-demand for business intelligence, analytics, machine learning, and data publishing.
In all certainty, data governance scope will expand. Consumers are demanding access to the latest data in near real-time to enable use cases such as anomaly detection or machine learning, said Sanjeev Mohan, a data and analytics expert and former Research Vice President at Gartner.
“This has led to an explosion of ‘modern data stacks,’ ranging from cloud data warehouses to lake houses. Departments are demanding autonomy to deploy the most cost-effective stack that meets their functional and non-functional requirements,” said Mohan.
“This will splinter the technology infrastructure landscape. Governing access to data in a distributed, domain-centric environment will no longer be a DIY project. It will require a comprehensive federated governance platform,” he added.
According to Mohan, data consumption platforms will require a common authorisation framework. “New approaches to consuming data include data exchanges, marketplaces, and other data-sharing options. In addition, organisations are starting to invest in data mesh and data fabric, approaches that promise to remove data engineering bottlenecks and foster agility. However, decentralised architectures add complexities to governing and securing data that is spread across multiple locations. A unified data access governance platform will be required to apply policies consistently and enable regulatory compliance.”
With many high-profile breaches in 2021 and the year before, organisations understand the consequences of poor data practices.
While supply chains undergo rapid digitalisation, data protection has emerged as a key challenge for the logistics sector. Manufacturing supply chains will ramp up activities on how to address data management and data privacy concerns. The companies will draw up a plan on how they intend to ensure the proper collection and usage of all forms of customer data. Given the sheer amount of data circulating in the logistics supply chain, it won’t be an easy task.
With the heightened concern around security and privacy, even new tech companies and startups, especially fintech and health tech, will have to build data privacy into their core product offerings to eliminate risk and drive adoption.
For data driven businesses, a common approach will be to fulfil the technical requirements for at least GDPR, and then, perhaps, layer in the required capabilities for other regulations as needed. There will be huge consequences if they carry on with a wait-and-see approach toward regulatory compliance. If they don’t act decisively, they will fall further behind while risks continue to increase.
If you liked reading this, you might like our other stories