The rise of privacy and security laws in previous years has made data processing the hottest subject on the planet. Global digital transformation, remote work practices, and increasing cybercrime threats really pushed the envelope on data protection. The business world as we know it changed drastically last year!
Remote work and office work switched places as remote became the norm and commuting was suddenly optional. While working from home has multiple benefits in terms of efficiency, its practices are still in the infancy phase for the majority of companies. Together with the COVID-19 pandemic it brought dozens of new security challenges!
Unfortunately, hackers recognized these business vulnerabilities and saw lots of new opportunities for malicious attacks, which resulted in the highest uptick in cybercrime history last year!
It’s safe to say that 2020 left a big cyber security mess for 2021 to clean up. Don’t worry though, security technology evolved over the last few years too and we now have a private cloud-based customer database that is as close as you can get to making a data breach imposible.
Let’s see what you need to take care of in terms of privacy and security in 2021 to enable your business prosperity!
1. Data privacy and protection regulations getting stricter
In 2021, cross-border data regulations will become even more complex as local jurisdictions require the adoption of territory-specific laws. The General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) are pioneers in data privacy and protection regulations. They reshaped the data world, giving consumers more control over their data and increasing cybersecurity. However, the last two years are just the beginning of a great privacy era. In 2021, these policies will become stricter and impose more penalties, which can be quite massive in the GDPR jurisdiction. The CCPA-class lawsuits are scary as well!
The EU commission is about to introduce a new suite of regulations pertaining to the internet and overall digital economy, redefining its boundaries significantly. The new rules will greatly impact the way platforms acting as gatekeepers can operate. A novel completion tool is a true game-changer! It will allow commissioners to impose remedies on market players with the goal of addressing structural competition problems. All data privacy practices and data-driven businesses will face tougher requirements in terms of ad targeting, data collecting, and transparency.
Whistleblowing compliance will become a major topic among the EU member states as they all are expected to implement this directive and guide business in this direction this year. The EU’s privacy requirements related to employee supervision will roll out this year as well. As companies transitioned to remote work due to the pandemic, the commission focused more on empowering tool development that will guarantee the highest security for such practices.
The CCPA went through drastic changes as it was replaced at the end of last year with the CPRA. Californians voted again in the short time period of just two years to approve another stricter data policy. On January 1st this year, the CPRA became partly operative, which means you need to upgrade your company’s data policy immediately if you sell your products or services to Californians. If you already have established CCPA compliance, then your job here is a bit easier as you will only need to make certain modifications and add more requirements. CPRA rules are quite stricter than CCPA and more closely resemble those of the European Union.
However, privacy won’t be just a Californian topic on the other side of the ocean. The Federal Trade Commission (FTC) will continue to enforce acts related to privacy and data security that apply to all US member states. Similarly, the US healthcare industry will undergo certain changes and there will be new HIPAA additions in terms of patients’ right to access.
Following the previous examples and the increase in data breaches, Japan has taken actions in terms of cyberspace. Now, all businesses are required to report data breaches to the PIPC (Personal Information Protection Committee). If they fail in such action they will face higher fines than before.
2. More data laws means more data costs
As you can see, the data regulations are changing quickly and they’re constantly imposing new costs for businesses. Any single upgrade or a complete change can cost you thousands if you decide to hire a legal professional and IT advisor. Then you will need to re-train your staff to provide customer support following the new rules. However, if you choose to go with a customer support software option, you won’t need to do or pay anything, as the accountability will fall to your company supplier! This option sounds much more appealing, right?
Even though you don’t need to comply with any data policy yet, you may consider doing so ahead of time as Corey Nachreiner says:
“ Even if your company isn’t yet impacted by a strong consumer privacy law today, you should expect this type of legislation to start making its way across the country and throughout the world, and begin preparing for the steps you’d need to take to comply to a similar law."
3. Reducing data collection makes more sense
Due to the increased number of regulations, more and more companies are choosing to simply collect less data. Less data, less trouble. Instead, they are deciding to implement encryption procedures and scramble all customer PII that would help identify the subject. This practice is called data anonymization. If you choose this data collection method, you don’t even need to worry about GDPR compliance. Helpy platform has a built in anonymization tool that enables this practice and rids you of the need to discuss a complete data deletion with your customer forever! The reduced data collection practices are known as “clean data rooms”. They give more freedom to entrepreneurs over customer data use, enable better CX, and provide higher security at the same time!
4.More pressure for Chief Data Officers (CDOs)
5. Ransomware’s rise shifts focus to data availability
A Cyber Front Lines report unveils that 81% of financially motivated data breaches in 2020 were due to a ransomware installation (or its precursor). This number is quite disturbing and made experts pay more attention to two other parts of the CIA triad besides confidentiality: integrity and data availability.
6. The disinformation trend continues
The year 2020 set a new record in spreading disinformation. People, as well as companies, tired of all COVID-19 troubles became easy victims of cybercrime due to false statements. Hackers were spreading disinformation through all communication channels, including social media and email. However, the disinformation was even coming from reputable sources like the government, which were so much harder to fight against. Unfortunately, scams were everywhere, which only made 2020 more difficult!
Enforcement activities and regulatory supervision relevant to cookie policies will hold first place on CEO’s lists when picking a data security provider. Forms and questionnaires that enable customers to consent to data practices conducted by a company are essential to data law compliance, which makes them an essential customer support software feature as well. Companies will continue to follow the trend away from third party cookies that are mostly used for marketing purposes and instead, they’ll nurture the practice of having clean data rooms.
8. 5G challenges
5G is here! The new 5G devices are on their way to billions of users worldwide! This requires the deployment of new security features that protect data protocols from these devices as well as from the 5G bandwidth itself. Again, cyber criminals will try to hack this latest tech advancement that has yet to be developed to its highest potential. Thus, we have a new task to achieve to protect our society of data users!
9. How to win the privacy game?