“Turn & Face the Strange” — 5 Predictions for Data Privacy
The new school year is almost upon us, parents are breathing a sigh of relief and it’s time to return our attention to ‘business as usual’ — or is it?
GDPR arrived in May without the sky falling on our heads, cookie notices and use/abuse of consent by businesses are largely unchanged, and there is even talk of it being a ‘paper tiger’.
Meanwhile, the draft ePrivacy Regulation appears bogged down by concerted industry lobbying and the upcoming European Parliament elections next May, meaning a go-live is unlikely next year.
Despite all this, the world has changed, and at the risk of looking silly I’m going to spot some privacy ‘mega-trends’ which I believe will drive progress over the next 18–24 months.
Here goes:
1: Individuals taking back control over their data
As awareness grows of how ‘the web’ is currently monetised, citizens will need tools to surface and manage access, storage and spread of their data, seek redress and get paid for its use.
Pioneers such as Openbook may struggle to match social media platforms without an ad-funded business model, but can socialise new ideas and norms, opening the door for PrivTech players with a sharper focus.
The prospect of this developing into a new App- and Vendor- ecosystem for ‘emancipated’ consumer data, verified by Blockchain technology, is a genuinely exciting one — watch this space!
2. Platforms and Data Companies to be regulated like Telco’s
Regulators such as the German Federal Network Agency argue that instant messaging and email providers should be treated in the same way as telecommunications companies.
The volume of voice calls and texts sent by mobile users is falling as they move to Skype, WhatsApp and other chat applications.
Social platforms using OTT (Over The Top) messaging have benefited from these new sources of personal data, particularly location-focused to complement existing consumer profiles.
So far, platforms and data companies have showed few signs of making the investment in privacy, access and complaint-handling which are mandatory for players in the Telco sector.
Treating them as carriers represents a necessary ‘coming of age’ and may force social responsibility, and innovation on them in terms of how they handle this traffic.
3: Replacing Directives with regulations and the GDPR ‘wave’
A few years ago, “GDPR” was always paired with “EU”. As it became clear the framework represents the closest thing the world has to a gold standard for the ethical capture, management and use of data the prefix was dropped.
Similarly, the characteristic of GDPR being a regulation, rather than a directive, represents a movement of travel which is only going one way — towards greater harmonisation, oversight and control of global data commerce.
Signs are that other territories are starting to catch the GDPR bug, with new regulatory frameworks proposed in Switzerland, India and Kenya. Governments and development agencies realise that a common ‘language’ for data best practice helps their ambitions to grow regional silicon hotspots.
4: High-Profile, Co-ordinated Regulators
One product of GDPR is the European Data Protection Board (EDPB), a co-operative of leaders from the Data Protection Authorities in the region.
In line with the pillars of GDPR as framework, and application via regulations such as ePriv, this shows a model of oversight on a scale which gives Europe a chance to compete with the FAANG giants.
Of course, for all this to work in practice the world needs to see that regulators are sufficiently resourced, with teeth to go after and punish miscreants.
Right now, we are in the strange situation of a ‘phoney war’, where no-one has yet been fined under the new regime. Efforts by the UK ICO to raise their profile through raids, recruitment drives and media outreach are positive, and I think it would be a shame if current sniping from sections of the press led to them retrenching.
5: Data Ethics as Brand Value
As we emerge from an era of rampant harvesting and ‘weaponisation’ of data, I for one ask myself ‘what was I thinking’ as I tidy up old Apps on my ‘phone, or when Facebook shows me ‘nostalgia’ posts of my loved ones I originally made 10 years ago.
Just as we’ve seen a pivot in Apps and market interest from Candy Crush to Calm and workplace wellness, my final trend is the move towards more ‘mindfulness’ in terms of marketing and judicious use of data in general, along the lines of environmental sustainability.
No organisation can be 100% GDPR compliant; neither does Data Privacy mean the ‘end’ of marketing or useful digital services, but hopefully the beginning of a new phase of the web, more in line with the ideals of Tim Berners-Lee et al.
“And the Stars Look very different today…”
