
Analysts to Discuss Current and Future State of the Privacy Landscape at the Gartner Security & Risk Management Summit 2022, 12-14 September in London
By 2025, privacy lawsuits and claims related to biometric information processing and cyber-physical systems will have resulted in over $8 billion in fines and settlements, according to Gartner, Inc.
“Autonomous vehicles, drones that capture video, smart buildings and smart cities are cyber-physical systems that capture biometrics of all kinds,” said Bart Willemsen, research vice president at Gartner. “The collection and storage of biometric information is gaining, whether in the form of fingerprints, iris scans, remote recognition of face, gait, voice, or even DNA samples. But this information has huge potential to be misused or abused.”
Willemsen said that new privacy laws cover the capture, conversion, storage and processing of biometric data, and can even apply to face tagging technology in social media. They may also come with a retention regime, and may prohibit selling, leasing, trading or profiting from biometric data. Some prohibit the usage of biometric information in certain use cases altogether.
“In such cases, it is important that security and risk management leaders and privacy leaders consider alternative, less invasive means to achieve the intended purposes, explaining all necessary information to the customer without any caveat,” added Willemsen.
Some multinational, consumer-facing organisations are actively moving toward a self-service model through privacy portals and intake forms. Their intent is to not simply avoid regulatory fines, but also to bolster customer trust and maintain positive brand sentiment.
Privacy Budgets Will Increase, Allowing Privacy to Shift from Compliance to Competitive Advantage
Gartner predicts that by 2024, large organisations’ average annual budget for privacy will exceed $2.5 million, allowing a shift from compliance ethics to competitive differentiation.
Privacy budgets increased from $1.7 million in 2019 to $2 million in 2021 and are expected to continue to increase at a steady rate. The sudden uptick in online activity, remote working, and virtual learning increased cyberthreats. With the expansion of privacy regulation efforts across dozens of jurisdictions in the coming two years, many organisations will only see the need to start their privacy program efforts now.
Gartner recommends that organisations first gain full control in detail over all personal data processing activities before they can hand over that control to the individual. One way to do that is through privacy rights and consent management services. “The customer will experience the difference between having to wait weeks for an incomplete answer, or within seconds have full access to the answer to the question ‘what data does an organisation process on me?’. That difference is where trust is gained, or lost,” said Willemsen.
Depending on the maturity of their privacy programs, organisations are reaching beyond mere compliance-driven work, toward customer-centric activities. For example, allowing customer experience professionals to address customer complaints on lack of transparency, and automation of the privacy UX, or by giving access to privacy rights to all global clientele, whether they must or not, treating customers internationally equally.
Gartner clients can read more in “Predicts 2022: Privacy Risk Expands.” Learn about the top priorities for security and privacy leaders in 2022 in the 2022 Leadership Vision for Security & Risk Management Leaders.
Fachartikel

ChatGPT bei der Arbeit nutzen? Nicht immer eine gute Idee

Das Aktualisieren von Software-Agenten als wichtige Praktik der Cyberhygiene auf MSP-Seite

Kosteneinsparungen und Optimierung der Cloud-Ressourcen in AWS

CVE-2023-23397: Der Benachrichtigungston, den Sie nicht hören wollen

Wie sich kleine und mittlere Unternehmen proaktiv gegen Ransomware-Angriffe wappnen
Studien

Studie zeigt 193 Millionen Malware-Angriffe auf Mobilgeräte von Verbrauchern im EMEA-Raum

2023 State of the Cloud Report

Trotz angespannter Wirtschaftslage: die Security-Budgets steigen, doch der IT-Fachkräftemangel bleibt größte Hürde bei Erreichung von Security-Zielen

BSI-Studie: Viele Software-Produkte für Onlineshops sind unsicher

Wie Cloud-Technologie die Versicherungsbranche revolutioniert
Whitepaper

Aufkommende Trends in der externen Cyberabwehr

Cyber-Sicherheit für das Management – Handbuch erhöht Sicherheitsniveau von Unternehmen

Aktueller Datenschutzbericht: Risiko XXL am Horizont

Vertrauen in die Lieferkette durch Cyber-Resilienz aufbauen

TXOne Networks und Frost & Sullivan veröffentlichen Jahresbericht 2022 über aktuelle Cyberbedrohungen im OT-Bereich
Unter4Ohren

Optimierung der Cloud-Ressourcen und Kosteneinsparungen in AWS

DDoS – der stille Killer

Continuous Adaptive Trust – mehr Sicherheit und gleichzeitig weniger mühsame Interaktionen

Datenschutz und -kontrolle in jeder beliebigen Cloud bei gleichzeitiger Kostensenkung, Reduzierung der Komplexität, Verbesserung der Datenverfügbarkeit und Ausfallsicherheit
