By Bart Willemsen
Privacy is becoming a reason for consumers to purchase a product, in the same way that “organic,” “free trade” and “cruelty-free” labels have driven product sales in the past decade.
Privacy-first products are likely to follow this trend. To increase customer trust, executive leaders need to build a holistic and adaptive privacy program across the organization and be proactive instead of responding to each jurisdictional challenge.
In 2019, Gartner observed a decline in overall customer satisfaction, an erosion of trust and an increase in privacy invasion. Today, these sentiments extend into all interactions between customers, organizations and devices. As customers demand protection of their privacy, lawmakers around the world are preparing to meet this demand.
Security and risk management leaders should take note of these Gartner 2020 predictions for privacy to help their organizations improve transparency and reassure customers.
By 2023, 65 per cent of the world’s population will have its personal information covered under modern privacy regulations, up from 10 per cent today
More than 60 jurisdictions around the world have enacted or proposed postmodern privacy and data protection laws, following the introduction of the GDPR in 2018. These include Argentina, Australia, Brazil, Egypt, India, Indonesia, Japan, Kenya, Mexico, Nigeria, Panama, the U.S., Singapore and Thailand.
People are actively demanding privacy protection — and legislators are reacting. If your organization operates globally, focus on standardizing operations in accordance with the GDPR, and then adjust as required for local requirements.
Use technology solutions to assist with not only readiness efforts, but also to automate portions of your privacy management program once it’s established. This is particularly important for the handling of subject rights requests and the processes for consent and preference management (CPM).
By year-end 2022, more than 1 million organizations will have appointed a privacy officer (or data protection officer)
Increased regulation will lead organizations to hire capable, empowered senior-level privacy officers to deliver both compliance and customer satisfaction.
There were only a few thousand official privacy officers worldwide before the GDPR took effect in 2018. In 2019, it was estimated that already half a million organizations relied on the expertise of a privacy officer. Organizations that avoided hiring a privacy officer because they weren’t subject to the GDPR now need to catch up.
Appoint a privacy officer, ideally one who reports directly to the board. Whether the current regulatory landscape demands it or not, having a dedicated lead for the privacy discipline is necessary to help co-steer the corporate strategy and affect the organization on strategic, tactical and operational levels.
CISOs and other IT security leaders should leverage these predictions in planning how they will manage customer, employee and corporate data privacy in 2020 and beyond.
Gartner analysts will discuss privacy, security and other topics of interest to CIOs and IT executives at the Gartner IT Symposium/Xpo taking place May 11–14, 2020 in Toronto, Canada.