So as the latest Snowdon revelations (oh … and the New Year Holiday fun has subsided) how about we look at where data privacy is going in 2014. Here is a quick “stocktake” on what is likely to happen next:
- Snowden and the NSA – Expect more revelations from Edward Snowdon about the NSA and surveillance. Whatever you think about the issues, there is little doubt this is fuel for unending press stories.
- EU General Data Protection Regulation – I really don’t know what to say here. Some people think it is going to go through in some form or another. Others seriously doubt it. Over to you!
- US Safe Harbor – so we have avoided “falling off the edge of the figurative privacy cliff” and it’s apparently still legal to transfer data to Safe Harbor certified companies in the US. Expect more extreme demands from Europe on how US and other non-European business should process personal data and watch how this impacts the marketplace. Ask any supplier of services with French, German or other mainland EU customers and you will find a growing trend making it harder for non-European businesses to sell into the European market without setting up European servers or an EU cloud. The official rules are fast becoming a basis for pulling up the EU drawbridge and staying home!
- Data breach – expect more data breaches! This will continue for the “big boys” like Target in the US and providers of apps and digital media like Snapchat to quote some recent examples.
- US regulatory approach – Expect greater alignment between privacy principles adopted by the FTC in the US and at least some of the data privacy rules in Europe. For example, the FTC is moving towards an assumption that device-based data deserves special protection in the same way that Europe did 10 years ago. You really need to look at the substance here to appreciate that there is greater US/EU alignment, already, than some care to admit.
- “Internet of things” – T-shirts that monitor your heart rate and other “wearable tech”. 2014 is likely to see a revolution in connected gadgets and data enabled clothing, cars, fridges and homes.
- BCRs – no let up in the number of companies starting to look at BCRs or, at least a BCR‑style data privacy governance engine. How else to manage global data privacy risk and mitigate the associated reputational issues.
Finally, the best news of all: the term “geek” has been redefined by the Collins Dictionary. It no longer means someone who is socially awkward or dull. It is, in fact, in the dictionary’s list of “words of the year” so whatever you think of the above predictions, rest assured it is ok to be a privacy geek!