Predicts 2019: The Ambiguous Future of Privacy
- Privacy and data protection regulations globally follow a trend of increased maturity and detail, representing risks in both financial and personal impact, including jail sentences.
- New technologies (such as blockchain) bear both promise and risk. These arrivals are double-edged swords with apparent privacy challenges and opportunities for CISOs to consider.
- When given the choice, customers will make deliberate privacy decisions on how their data is processed and why, while exploitative privacy invasion seems to lead to competitive advantage, at least in the short term.
- Responding jurisprudence and ongoing regulatory maturity in development is meant to restore the sanctity of an individual’s privacy rights and an industrywide level playing field globally.
Gartner recommends CISOs, IT security and risk management leaders should do the following:
- Investigate the security and privacy risks of blockchain technologies, such as the potential consequences of handling personal customer data and the risk of unauthorized disclosures.
- CISOs should adopt the General Data Protection Regulation (GDPR) consent blueprint for consent management outside of the EU. Early adopters will have a competitive advantage in privacy planning.
- Treat digital transformation as a time for experimentation, with room for mistakes, by monitoring for unintended consequences, taking responsibility for mistakes and moving on.
- Develop effective data retention policies by providing business-centric risk minimization options that prioritize individual privacy.