Press Releases

STAMFORD, CT, September 14, 2020

Gartner Says By 2023, 65% of the World’s Population Will Have Its Personal Data Covered Under Modern Privacy Regulations

Analysts Explore the Future of Privacy at the Virtual Gartner Security & Risk Management Summit, September 14-17

By 2023, 65% of the world’s population will have its personal data covered under modern privacy regulations, up from 10% in 2020, according to Gartner, Inc.

“With more countries introducing modern privacy laws in the same vein as the General Data Protection Regulation (GDPR), the world has reached a threshold where the European baseline for handling personal information is now the de facto global standard,” said Nader Henein, research vice president at Gartner. “Lawmakers are introducing new privacy laws that seek parity with the GDPR. These regulations allow whole countries to move one step closer to achieving adequacy with the EU, where their local businesses can benefit from a larger market with their new “trusted” status.”

Gartner analysts presented these findings during Gartner Security & Risk Management Summit 2020, taking place virtually in the Americas and EMEA through Thursday.

While some organizations focused on cost optimization during the global COVID-19 pandemic, it is paramount that they incorporate the demands of a rapidly evolving privacy landscape into their business’s data strategy. “Security and risk management (SRM) leaders need to help their organization adapt their personal data handling practices without exposing the business to loss through fines or reputational damages.”

SRM leaders should adopt key capabilities that support increasing volume, variety and velocity of personal data by putting in place a three-stage technology-enabled privacy program: establish, maintain and evolve (see Figure 1).

Figure 1: The Three-Stage Technology-Enabled Privacy Program

Source: Gartner (September 2020)

The establish stage includes foundational capabilities of a privacy management program. They are necessary for any customer-facing organization that processes personal information. These include discovery and enrichment which allow organizations to establish and maintain privacy risk registers.

The maintain stage allows organizations to scale their privacy management programs. Capabilities focus on ongoing administration and resource management. These include augmenting incident responses to address breaches of personal data as well as bringing automation to privacy impact assessments.

The evolve stage includes specialist tools that focus on reducing privacy risk with little or no impact on the data utility. One of the more popular capabilities allows organizations to extract insight about their consumers from large pools of data without exposing them to excessive privacy risk. This has been a critical feature for marketing teams.

Gartner clients can learn more in the report “The State of Privacy and Personal Data Protection, 2020-2022.”

About Gartner Security & Risk Management Summit

The Gartner Security & Risk Management Summit 2020 brings together security, risk and identity and access management (IAM) decision makers looking to adapt and evolve their organization through disruption and uncertainty, navigate risks and prioritize investments. Follow news coming from the Gartner Security & Risk Management Summit on the Gartner Newsroom, Smarter With Gartner, on Twitter using #GartnerSEC, Instagram and LinkedIn.

About Gartner

Gartner, Inc. (NYSE: IT) delivers actionable, objective insight to executives and their teams. Our expert guidance and tools enable faster, smarter decisions and stronger performance on an organization’s mission critical priorities. To learn more, visit