We chatted with data privacy expert Debbie Reynolds who is both scared and optimistic about the future technology and data privacy regulations
“To me, it’s exciting but scary [at the same time] because we are already seeing organisations and countries lag on protecting the privacy of individuals of things that are already existing… I think the metaverse and how people will be connecting with the devices and the data that it collects will have to rethink security in a way that we haven’t yet,” said Debbie Reynolds, aka The Data Diva, Global Data Privacy & Protection Expert Strategist.
A technologist, thought-leader, and advisor handling global data privacy and cross-functional data-driven projects, Reynolds is also an internationally published author and host of the podcast The Data Diva Talks Privacy. Additionally, Reynolds is the founding executive member of the Digital Directors Network that focuses on the digital future. An adjunct professor at different universities, Reynolds worked with Eimer Stahl as the Data Privacy Officer.
While Reynolds is happy that data privacy is becoming a top priority for both consumers and organisations, she worries that laws are taking a slow curve in several countries. With rapid technological innovations, from the metaverse to the blockchain, the data privacy landscape is continuously changing shape and context. While Reynolds is excited about it, she urges enterprise leaders to rethink their data privacy strategies at every step of the way.
Excerpts from the interview
How do you see current data privacy laws evolving? Are you happy with the speed and scale of it?
I am happy that more people are talking about data privacy, but I am not happy with the progress. I am happy to see that Europe is making a lot of progress, and has done so for decades. I was surprised that China passed comprehensive data privacy consumer laws, and I am disappointed that, in the US, even though we have had a lot of movement on the state level, we do not on the federal level.
Meanwhile, there are a lot of new regulations coming into play in the Middle East. The UAE passed data protection laws. And I’m hoping the data protection bill in India gets passed this year. They have the front row seat with what’s happening in data privacy while having access to so much technology. What happens in India could probably be an example of what we do in the US going forward.
Can blockchain help strengthen data and security guidelines?
Definitely. When people started talking about blockchain, they were talking about bitcoin. Now, people are more mature. They know now that blockchain is more than that, especially in the identity space. Having blockchain as part of a process to protect identity, and to be able to have them do transactions fast is important.
Are dark web monitoring tools critical for data privacy?
We know that people’s usernames and passwords are often stolen from organisations and sold on the dark web, and so dark web monitoring tools can help. For example, they can make a notification and say that “We scanned the dark web, and we found your login and password. You need to change your password.” Any information and tools that consumers can use to protect themselves is important.
What are your thoughts on the metaverse and the role that data will play in it?
The metaverse is going to be huge. But people can get confused when they think about the metaverse. They think about it as an online, virtual thing wearing certain glasses. There are some parts of the metaverse that have that, sure but what I’m excited about is the device capability with sensors, where the metaverse in my view becomes the internet around you.
To me, it’s exciting but scary [at the same time] because we are already seeing organisations and countries lag on protecting the privacy of individuals of things that are already existing. And now we are talking about merging worlds! I think the metaverse and how people will be connecting with devices and the data that it collects will have to rethink security in a way that we haven’t yet. Devices will be cross-referencing information about individuals. These are the things that concern me.
What should be the top strategy for enterprises that deal with surplus data?
The top strategy for enterprises that deal with surplus data is to not think in the same old ways. The way we talk about privacy in the past isn’t going to be sufficient in the future. The world is changing, and we need to think about how we share information. As long as we keep our eyes open and think about the new threats, we will be okay. We have to be smarter and be ahead of the curve. From a privacy perspective, I think organisations need to realise that the data that they have, especially if it touches individuals or is about individuals, it does not belong to them. That’s a big mind shift and you’ll be able to fulfil the spirit of any data privacy regulation.
If you liked reading this, you might like our other stories