Data protection, privacy, and how our personal data is used by companies and other institutions has recently become a prominent issue. There are many reasons for this, but some are easily identifiable:
- The GDPR coming into effect in Europe, giving individuals legal rights over their data and making companies accountable in the event of non-compliance
- The Facebook–Cambridge Analytica scandal in the US
- High-profile data breaches at companies like British Airways and Marriott Hotels
Since we are all becoming increasingly aware of how our personal data is used by companies, our closer focus on this issue has become the new norm. With this new norm, we at GDPR365 think that some existing trends will continue to play out and some new ones will develop. While it’s impossible (or near impossible) to predict the future, our team has gone ahead and decided to do it anyway. Here are our 9 predictions for 2019:
1. More and more small and medium-sized businesses will be fined
Among small to medium-sized companies there remains a sentiment that the GDPR was like a Y2K event—that it has come and gone with little impact. We believe this position will change over the course of 2019 as supervisory authorities will begin to sanction small and medium-sized businesses as well as large, high-profile ones. Businesses that have not yet prioritised data security will start to pay attention and take steps to ensure they have governance and documentation practices in place.
2. Blockchain and consent in GDPR
More blockchain systems and solutions for managing consent across multiple platforms will come on the market. Whether blockchain is the best way to manage consent on personal data is still up for debate, since by nature it is a public database, but in 2019 we’ll begin to see how and whether blockchain can provide a viable consent solution.
3. California Consumer Protection Act: the possible game changer
The US will wake up to data protection and a data protection law will either be passed or begin to work its way through the legislative process.
4. More and more data breaches
There will be several more large data breaches
(this is an easy one). And yes, some will be caused by technical exploits and vulnerabilities that were known and not fixed. They will further focus people’s attention on how their personal data is used and make people and companies understand the importance of having data security governance programs in place.
5. Identification will be more secure
Identity access management frameworks will grow in prevalence as recognition technologies and user authentication become more important for companies that need to understand who is accessing and processing the personal data they hold.
6. Data Security also lies in the hands of employees
Education of staff about threats will become more important as companies wake up fully to the fact that data security is not only about technology solutions but about making sure that employees and contractors are aware of the threats.
7. GDPR remains a template for other countries
GDPR legislation will become and remain the template and effective data security standard for large organisations in countries that do not currently have legislation. It will also be the template for new data security regulations that are proposed or come into effect in those countries.
8. Being compliant gives a competitive benefit
As awareness about data usage continues to grow, organisations will begin to realise that complying with privacy legislation gives them a competitive edge in the marketplace. To be honest, this is more of a hope than a prediction.
9. Compliance is an ongoing process
Organisations will begin to understand that managing data protection and privacy compliance is an ongoing process and not a one-off event
. The focus of many organisations in 2018 was becoming GDPR compliant with little thought about how to maintain compliance in the future. As a result, using SaaS frameworks to manage compliance will become an accepted practice.
So, those are our thoughts. Please feel free to comment and give us your ideas. We’d welcome feedback and discussion.