To begin 2022, the world was still recovering from the effects of what felt like an omnipresent pandemic. Companies now depend on enterprise IT teams more than ever before with increased remote workloads and automation demands to stay functional. However, as we look towards 2023, data privacy is an even hotter topic than it appeared to be when we were all forced online.
Consumers have spoken and are starting to request more anonymity and data privacy when exchanging personal information for goods and services. What trends should enterprise IT brace for in 2023? Hansa Iyengar, senior principal analyst at Omdia, provided InformationWeek with some clarity, in an emailed interview.
What changes do you see coming in 2023 for privacy regulation?
Concerns about privacy and security of data have been around for long and GDPR was one of the earliest attempts at regulation. The US government has, thus far, been reluctant to enact strong measures to protect consumer privacy, but that is about to change with the House Energy and Commerce Committee voting to advance the federal American Data and Privacy Protection Act (ADPPA), a proposed federal online privacy bill designed to regulate the gathering and storing of consumer data.
The bill is expected to come before Congress when it reconvenes in 2023. Five states already have passed their own comprehensive data privacy laws passed which will come into effect in 2023 – California (the strictest of them all), Colorado, Connecticut, Utah and Virginia. So, businesses have to start looking at the draft copies of these various bills and start cracking on their compliance initiatives to ensure they are ready before these laws are enforced in 2023.
How do you prioritize agility, performance, privacy, and security with an increase of remote work?
Having secure systems do not in any way or form compromise the agility or performance of devices that are operated by remote employees. This is a misconception that needs to be removed. Consistent and comprehensive training for all staff around safe online practices, identifying scam/phishing messages, securing devices when on the move are some of the main things that can help.
It is possible to work safely and efficiently from almost anywhere with a good internet connection, but the onus will lie on the remote staff to ensure that they follow secure practices when accessing corporate systems and data.
The European Union often spearheads data privacy, but what global trends should we consider heading into 2023?
Other major markets like India, Germany, China, and Japan have already enacted laws to protect the data and privacy of consumers and we should expect other regional changes to pick up speed over the next year. This will introduce complications for businesses that operate globally as they will have to deal with multiple levels of compliance. The last two years have seen sharp increase in data breaches which further puts pressure on businesses to secure the data from malicious agents.
As a result, could international influence impact state-level privacy regulation changes?
The US is unique in that there are federal and state regulations that often differ considerably. Most businesses have a global audience and consumer base which means they cannot ignore privacy regulations anymore as the governments of those countries that they sell into are mandating it.
That is one of the major reasons we are seeing this big push around regulations in the US. Five states have already set the bar and other states are likely to follow suit in introducing their twists on the federal policy which is bound to be impacted more by regional demographics and politics than international pressure.