1. Global rise in data privacy regulations.
Since the introduction of General Data Protection Regulation(GDPR) in 2018 over 60 countries have either enacted or proposed a privacy or data protection law. Today over 100 countries have privacy law. It is projected that 65% of the world’s population will have its personal information covered under a privacy regulation by 2023, up from just 10% today.
2. Transparency with data privacy will be a top priority for consumers.
Per study over 50% of consumers would switch companies simply because of their data policies or data sharing practices. Companies that fail to protect consumer data will lose the trust of their customers and drive them to seek another company where they feel more comfortable sharing their personal information.
However, by 2023, those companies that do earn and maintain digital trust with their consumers will see a 30% increase in their digital commerce profits compared to their competitors.
3. Companies will invest more in privacy technology.
To keep pace with the ever-changing regulatory landscape in 2021, more companies will start to invest and integrate privacy programs including privacy-enhancing technologies into their compliance programs.
By 2021, Gartner estimates that roughly 70% of organizations will integrate automation technologies to increase employee productivity, and that by 2022, privacy-driven spending on compliance tooling will increase to more than $8 billion worldwide. As the privacy landscape grows more challenging, innovative technology will be part of the solution in 2021.
4. Significant increase in data subject requests and complaints.
Growing data privacy regulations around the globe gave consumers more control over their data. With the number of data breaches growing exponentially each year, consumers are starting to become more data aware and want to know exactly who has access to their personal information. As consumers continue to exercise their right to know, update, delete, and even restrict the processing of the personal information businesses have stored about them, we will see a significant increase in data subject requests and complaints in the coming year.
The Information Commissioner’s Office (ICO) has already seen a 50% increase of data protection complaints since the introduction of the GDPR with over a third related to Data Subject Access Requests (DSARs).
5. Privacy Shield invalidation will continue to be a challenge.
In July 2020, the Court of the European Union (CJEU) dismantled the Privacy Shield agreement between the European Union (EU) and the United States. The CJEU determined that the adequacy agreement failed to protect the privacy of its citizens’ data. Thousands of companies then had to quickly find an alternative data transfer method that adequately protects personal data across borders.
Companies can take advantage of standard contractual clauses (SCCs), binding corporate rules (BCRs), and derogations, but currently these are not long-term solutions. While the European Commission has confirmed it is working on updating SCCs and bringing them in alignment with the GDPR, a timeline has not been announced.