Gartner Predicts for the Future of Privacy 2020

Privacy is becoming a reason for consumers to purchase a product, in the same way that “organic,” “free trade” and “cruelty-free” labels have driven products sales in the past decade.

“Privacy-first products are likely to follow this trend,” says Bart Willemsen, Vice President Analyst, Gartner. “To increase customer trust, executive leaders need to build a holistic and adaptive privacy program across the organization, and be proactive instead of responding to each jurisdictional challenge.”

“ More than 60 jurisdictions around the world have enacted or proposed postmodern privacy and data protection laws”

In 2019, Gartner observed a decline in overall customer satisfaction, an erosion of trust and an increase in privacy invasion. Today, these sentiments extend into all interactions between customers, organizations and devices.

As customers demand protection of their privacy, lawmakers around the world are preparing to meet this demand.

Security and risk management leaders should take note of these Gartner 2020 predictions for privacy to help their organizations improve transparency and reassure customers.

By 2023, 65% of the world’s population will have its personal information covered under modern privacy regulations, up from 10% today.

More than 60 jurisdictions around the world have enacted or proposed postmodern privacy and data protection laws, following the introduction of the GDPR in 2018. These include Argentina, Australia, Brazil, Egypt, India, Indonesia, Japan, Kenya, Mexico, Nigeria, Panama, the U.S., Singapore and Thailand.

“People are actively demanding privacy protection — and legislators are reacting,” says Willemsen. “If your organization operates globally, focus on standardizing operations in accordance with the GDPR, and then adjust as required for local requirements.”

He suggests using technology solutions to assist with not only readiness efforts, but also to automate portions of your privacy management program once it’s established. This is particularly important for the handling of subject rights requests and the processes for consent and preference management (CPM).

By year-end 2022, more than 1 million organizations will have appointed a privacy officer (or data protection officer).

Increased regulation will lead organizations to hire capable, empowered senior-level privacy officers to deliver both compliance and customer satisfaction.

There were only a few thousand official privacy officers worldwide before the GDPR took effect in 2018. In 2019, it was estimated that already half a million organizations relied on the expertise of a privacy officer. Organizations that avoided hiring a privacy officer because they weren’t subject to the GDPR now need to catch up.

“Appoint a privacy officer, ideally one who reports directly to the board,” Willemsen says. “Whether the current regulatory landscape demands it or not, having a dedicated lead for the privacy discipline is necessary to help co-steer the corporate strategy and affect the organization on strategic, tactical and operational levels.”