To support Data Privacy Day, KPMG has identified four trends that businesses should consider when shaping privacy programs in 2021.
COVID-19 will introduce more privacy compliance challenges
Companies were forced to accelerate digital transformation projects timelines from years to a few short months or even weeks as a result of COVID-19. Given the need to move fast to tackle the number of new challenges presented—from governing new collaboration tools to supporting a remote workforce—many of these same companies put a minimal focus on privacy by design. This has made it increasingly difficult for businesses to keep track of new personal information captured and managed and will result in a bigger boulder to push up the hill in initial and sustained privacy compliance.
Internet of Behavior (IoB) programs will significantly raise the cost of privacy and security compliance
Gartner predicts that by the end of 2025 more than half of the world's population will be subject to at least one Internet of Behavior (IoB) program. IoB refers to how organizations leverage technologies such as facial recognition, location data, etc. to capture and use human/behavioral data to influence associated behavioral events, such as cash purchases or device usage. Navigating how to manage, use and protect this new data, and for privacy and compliance executives, its impact on compliance with regulations such as the CPRA has the potential to drive up the cost of data management and privacy compliance initiatives significantly on a short- to intermediate- term horizon.
Data ethics will play a larger role in the privacy agenda
The amount of data created over the next three years will be more than the data created over the past 30 years, according to IDC. This growth will heighten the challenges companies are already facing when determining how to use, manage, and handle customer data— and increases the need for data ethics to play a much larger role in the privacy agenda. Those that invest in building privacy programs that include a focus on data ethics will be substantially better positioned to retain and deepen customer and employee trust.
Regulatory momentum will increase
With a new administration and tech giants under increased scrutiny over what they do with personal information, there will be a push for national level regulations to clearly define the rules of engagement for data privacy, trust, and transparency. We expect a strong movement towards a Federal law on consumer data protection that draws on concepts from GDPR, CCPA, and CPRA.
With a growing awareness and concern by consumers with how companies use, manage and protect their personal data, expanding regulations and new data being captured as a result of COVID-19, now is the time for companies to take a hard look at their privacy programs to ensure they are ready for what’s to come.