The concept of online privacy is an instrumental part of our relationship with technology currently, and even more so as we wade into the future. As our society migrates completely into the digital realm and as traditional systems of; business, governance, and day-to-day life are no longer applicable, the privacy industry becomes more and more of a key focus of our future. Several topics are already on the table, and resolutions are being observed at the highest levels of governance for the correct implementation of privacy -which is proving quite difficult in some aspects- as we stand on the edge of a metaverse (as Zuckerberg would put it) enabled future. Privacy is not just about outright technicalities such as improving video conferencing privacy, enforcing what happens with digital information, and the ethics and morality surrounding surveillance, but it is also about the salient decisions concerning how we define our freedom and how the economy itself operates.
The privacy market is booming, from an emerging tech sector only a few years ago to a full-blown industry as demand for privacy and privacy-related legislation and solutions trends vertically. Until now, the privacy market consisted of small, limited startups that aimed to contribute to regulatory solutions regarding privacy. At the moment, the industry is growing in terms of the number of vendors out there and solutions, products, and services available. In a post-COVID time, the implications of lockdowns have statistically increased dependence on digital services and technologies, as well as completely changed how global business operates. Regulatory compliance requirements, customer data protection, the onslaught of cybercrime, and ultimately the increasing need for privacy are confirmed factors in the entire connected industry. These industry drivers are exponentially expanding the awareness of privacy as well as the size of this future industry. Complex cross-border data regulations coupled with geopolitical and geoeconomic shifts are also increasing the complexity of regulatory systems related to privacy. Adding to that, a general foundation for how to approach privacy on a global level has not been entirely set yet, even at the highest levels of the UN where online privacy falls under basic human rights. Therefore, society is in a strange place right now.
Even though several wide-reaching data protection and privacy regulations such as the GDPR and CCPA have been introduced years ago, this on its own is not a sufficient approach, which is why the future of privacy is going to require an entire industry surrounding it. In fact, the UK Data Protection Act of 1984 was among the first to address a potentially turbulent data privacy future, as was the Data Protection Directive in 1995 and others in later years. Over 30 years later, we still have not arrived at a healthy junction.
According to the PTA or Privacy Tech Alliance, their overview of privacy technology includes a framework in which there are three initial stages;
- Privacy Tech 1.0
- “typified by technologies engineered natively within some companies and offered by early vendors for sale to achieve a modicum of control over the personal data processed.”
- Privacy Tech 2.0
- “the development of technologies engineered natively within large companies well-resourced enough to devote engineering capabilities to regulatory compliance solutions and horizontally- integrated companies or collaborations between companies offering personal data regulatory compliance services and tools for sale.”
- Privacy Tech 3.0
- “privacy tech offerings are expanding well beyond products and services that assist in regulatory compliance into products and services that assist businesses in making the personal data they encounter both maximally available and maximally valuable for business services.”
According to the PTA, we have now entered the 3.0 phase. Thus, over the three stages in this example, a clear timeline of advancements and developments in privacy approaches is visible.
What will the future bring in terms of privacy technology? According to Gartner, a privacy-conscious future means; increased trust among organizations and increased trust from customer-to-organization. Ultimately, the flow will define how business is shaped, “in the same way that “organic,” “free trade” and “cruelty-free” labels have driven products sales in the past decade.” Gartner states that, in 2019 global markets experienced a decline in customer satisfaction and trust, coupled with increases in privacy invasions. Furthermore, these statistics reveal that by 2023, 65% of the global population will, “have its personal information covered under modern privacy regulations, up from 10% today.” By 2022, Gartner estimates that the introduction of privacy officers (data protection officers) will be a normal occurrence.
The demand for privacy has arisen due to several notions; ubiquitous surveillance, social media scandals, distrust towards online companies, unfair data gathering, and mass paranoia in general. This was especially true from 2016 onwards -when the GDPR was instated- as privacy consent boxes on every website and app, as well as privacy emails started appearing everywhere. Scandals such as the notorious Cambridge Analytica Facebook and Equifax cases also tractor-beamed a lot of attention to data privacy which was followed by media outcries and resulted in strict legislation passed by lawmakers to calm the chaos. According to Privacy Affairs; future challenges as to what will happen with EU-US cross-border data transfers are not yet specified, and more challenges like;
- The new ePrivacy regulation
- How will blockchain be regulated?
- Will the US comply with the GDPR?
- When will other nations set their regulations, or will they?
- How to integrate small businesses with low resources into privacy compliance?
- What is to happen with cookies, tracking, and ads?
- What is to happen with biometric data privacy?
- The integration of privacy by design
The future of privacy tech looks like it will be centered around what the GDPR does next and the ePrivacy Regulation. Designing a future that takes privacy by design, the concept of which lays the foundation for the GDPR into account means; solid privacy control principles that minimize or eliminate personal information abuse, as well as give back the power to people in terms of their data. At the moment, privacy tools such as VPNs and the Tor browser, messaging services such as Signal and Telegram are more in-demand than ever, underlining the requirement for privacy. For this reason, coupled with these technologies the blockchain revolution is headed towards being a true privacy invention for the future, given that it is not destroyed by imbalanced privacy regulations.