Privacy and data protection are a constant concern for companies of all sizes and in all verticals worldwide. This focus reflects the rapid emergence of new technologies and digital services that process personal data. Additionally, many more people have adopted digital services over the last three years due in part to the pandemic. Approximately 5.3 billion people - about 66% of the world’s population - accessed the internet in 2022, and it is estimated that this number will only grow in 2023.
As we end the last month of 2023, there are three privacy trends that companies should be aware of.
The pandemic led many individuals who once visited their bank branches and shopped at their local supermarkets to shift to online banking and grocery delivery services. This led to a massive uptick in digital transactions and a significant increase in fraud as the infrastructure needed for accessing and securing digital services was not in place, leaving many digital users under-protected.
Today, fraudsters continue to employ similar techniques, including social engineering, account takeover, and fake account creation. Still, they apply them to new industries, including peer-to-peer marketplaces, gig economy companies, and dating applications. These newly targetted industries are being hit with increasingly sophisticated fraud techniques and realizing that they need to invest in technologies to increase identity assurance. However, they also need to maintain excellent user experiences and ensure that their users' privacy is respected. The solutions that check all three boxes will come out on top this year.
Many data storage services are hosted in the US, making it critical for US and international companies to stay aware of the significant legislative changes that will occur in the US. Below are the data protection laws that will take legal effect this year in US states:
Additionally, a federal data protection bill is under discussion in the US Congress - the American Data Privacy and Protection Act (ADPPA) - which will reduce the fragmentation of the US data privacy legislation. This bill gained significant traction in 2022, but its passing in 2023 relies on the interest level of the new congressional leadership. With many political uncertainties and the possible implications of ADPPA, businesses must closely monitor its progress.
We can also expect news regarding the international data transfer agreement between the US and the European Union. In short, the Biden administration has officially implemented a new framework for the security and protection of shared US and EU data. The Trans-Atlantic Data Privacy Framework is a "Privacy Shield 2.0" intended to address European concerns over US data surveillance capabilities. While this new framework needs to go through further approval, the agreement is expected to be finalized in the first quarter of 2023.
The data protection implications of Artificial intelligence (AI) will continue to be a topic of discussion this year. The more advanced predictive models become, the more challenging it will be to regulate AI.
The dangers of AI usage are directly related to the wide variety and amount of data required to develop machine learning models. There are several legal and ethical concerns associated with this data collection that require discussion. Well-designed regulations for AI systems should address risks while favoring its development and boosting its market implementation. This year, many countries worldwide will intensify legislative efforts toward AI, focusing mainly on transparency.