The global digital economy is borderless – just like the flow of data it relies on. Free-flowing information means growing connectivity, insights, and possibilities. This new paradigm has reshaped how business operates – and is reshaping the role of data privacy and governance.
Of course, we’ve already come a long way since rising data volumes first became C-level discussion topics. Back then, organizational security often operated with an implicit trust model. Where once inside the traditional perimeter, extracted insights would be used and shared relatively freely. People inside the perimeter could also move with few restrictions. This meant that sometimes, whether malicious or accidental, breaches would happen, and sometimes remain undiscovered for long periods of time.
The advent of Zero Trust helped solve some of those implicit trust risks, although this approach of requiring authorization from every user and device also limits and slows data access. Sometimes to those who need insights quickly.
Alongside the threats to productivity, data exposure risks have evolved and magnified as workforces became more widely distributed. Coupled with the rise in cloud computing, resources are increasingly available remotely – with attack surfaces similarly widened and distributed.
There are also the risks to subjects of the data. Many of us are often unaware of where and how our information is being used.
Organizations face a delicate balancing act. How to ensure data privacy – while also ensuring data access to the right people at the right time? Innovative technology has always meant this balance is also a moving target. However, further trends are reshaping and driving the discussion even faster than before.
What are the global trends for data privacy regulation?
Currently 71% of countries have data protection and privacy regulation. This goes up to 98% for countries in the EU, compared to 57% among countries in the Asia-Pacific region.
However, the worldwide trend is only going one way, as more countries enact, update and propose legislation. For example, Singapore’s Personal Data Protection Act underwent a series of amendments and expansions in 2021, while in late-2021 China introduced its own Personal Information Protection Law.
Meanwhile, in the US the focus is on regulatory alignment at federal level, with the proposed American Data Privacy Protection Act. This offers a more unified framework than current industry-specific and regional approaches.
The EU’s GDPR was introduced a few years earlier in 2018. European decision-maker activity gives a direction into where regulation is headed next.
That’s because plans are now being drawn up for regulating AI and its sometimes-opaque outcomes. Among the proposals is the AI Liability Directive. Its stated chief objective is “to promote the rollout of trustworthy AI” and to bring more certainty to liability relating to “specific characteristics of AI, including complexity, autonomy and opacity (the so-called “black box” effect).” Like GDPR, the directive and related proposals will apply to any business serving EU customers.
What’s more, there’s clear evidence that consumers increasingly want to know how their data is being made available. They also want to know more about their associated rights around consent and control.
“Ultimately, businesses must evolve their thinking beyond complying with the letter of the law and incorporate decisions on how to do right by their customers — who are increasingly privacy aware”
Forrester
Some of this awareness has come organically. No doubt you’ve heard the phrase, “If the product is free, you are the product”, oftentimes in relation to SaaS services and products.
Other times, awareness has risen in response to specific events. One high-profile example is WhatsApp updating its privacy policies in early 2021. You may remember the many headlines and discussions this generated in the media and among online forums. This led to WhatsApp releasing an FAQ to address “many thoughtful questions” and “some of the rumors going around.”
How to meet the needs of data privacy today & tomorrow
It’s now up to companies to adapt and meet these business trends and consumer expectations. Especially if they want to harness the advantages of AI, and realize the returns from AI spending that’s set to be more than four times more than on IT by 2026.
“The past two difficult years in business accelerated the use of AI in systems, and organizations are now more willing to take advantage of the efficiency benefits and enhanced capabilities that AI systems offer.”
IDC
Businesses can accelerate their advances by responding to the reshaping of data privacy. They simply have to choose the right technology, system and partner.
Velotix’s data governance platform has been built to meet these business needs. Providing a foundation for governance to be a source of increased revenue and differentiation. But don’t just take our word for it.
Instead, explore the changing nature of privacy – and the opportunities available – in a timely Cisco report. The 2022 data privacy benchmark study takes in the views of 4,900+ security professionals within 27 countries. The research discusses how privacy has impacted on business across the world. Findings come from all major and highly regulated industries, including financial services, telecoms, healthcare, education, utilities and energy.
Among the many insights, there are four specific recommendations. These reveal the direction businesses need to go with their data privacy strategies. They also show how Velotix is ideally placed to help them (and you?) get there.
Report recommendation: Increase building of privacy capabilities throughout your organization
The report highlights how privacy has become “a business imperative and a critical component of customer trust for organizations around the world.” This comes from a behavioral perspective (92% say “privacy is integral to our culture”), and a purchasing perspective, with “external privacy certifications” important to buying processes.
There’s also a big warning for businesses unable to demonstrate their data protection credentials. An overwhelming 90% of respondents say “they would not buy from an organization that does not properly protect its data.”
Discover Velotix’s AI-based behavioral learning
Invest in Velotix’s AI-based platform to automatically protect data by granting the right access, to the right data, at the right time. The automation is based on symbolic AI (Velotix is unique in offering this). Over time, through learning, data access policy decisions continue to increase in accuracy.
As a result, teams gain more time for the edge cases and calibration of inputs and outputs. Redeploying resources away from routine processes means efficiency and productivity can increase. Alongside the benefit to the bottom line, there’s the boost to reputation, with increased trust among consumers and potential partners.
Report recommendation: Deliver transparency around how your business uses personal data
Few would dispute that consumers want to know – and be reassured – their personal data is being used appropriately. Regulatory drivers mean organizations also have to show how their data is being used with AI and automated decision-making processes.
However, the Cisco report finds that “46% of consumers feel they cannot adequately protect their data.” Lack of transparency is cited as the primary reason fueling this sentiment. There’s also a message for businesses using AI for typical use cases, including recruitment, price-setting, and credit scoring. Between 37% and 55% said “they would trust a company less that used AI for these decisions.”
Solve AI ‘black box’ challenges with Velotix
For organizations to succeed with AI, the report underscores the need to avoid or mitigate black box algorithms. Velotix helps you understand relationships between your datasets, bringing visibility, transparency and control to your audits.
You can trace data access across the full lifecycle, to view, grant and revoke policy permissions. Velotix also maps out transformations between original and new uploads and additions, delivering data lineage clarity and discoverability.
Report recommendation: Build in explainable & ethical frameworks
What business value are businesses realizing from their privacy-related investments? “Loyalty and trust” was the top benefit, cited by 71% of respondents. With costs of customer acquisition far higher than costs of customer retention, the financial advantages of successful data privacy are clear.
In light of these results, the report includes the recommendation to “Proceed carefully and thoughtfully when using personal data in AI.” There are also calls for “an ethical framework by design”, with transparency for both manual and automated actions.
Gain real-time data knowledge with Velotix
The manual action can be fulfilled by the human-in-the-loop, able to interpret and explain the AI-based outcomes to consumers. Your workflows can be configured to be automatic, manual and automation, or manual only. For further support, Velotix gives you a centralized source of truth, for establishing governance, explainability and visibility over your AI programs.
When you’re looking for data to support your explanations, take advantage of Velotix smart suggestions. These are based on aggregated metadata from other data catalogs, so you can find data you didn’t even know you were looking for.
Invest in privacy
The report acknowledges that investing in data governance and ensuring compliance “often involves significant effort and cost.” Overall, though, findings are encouraging for 83% of corporate respondents. That’s how many “said privacy laws have had a positive impact on their organizations.” Almost one-in-three (32%) said they got “benefits at least 2X spend”, with fewer than one-in-five (19%) “estimating they are not breaking even on their privacy investments.”
Privacy is also a factor at C-level, with 94% of respondents “reporting one or more privacy-related metrics to the Board.” The most common metric is “Audits” (reported by 34%), followed by “Data breaches” (33%), “Impact assessments” (32%) and Data subject requests” (31%).
Integrate privacy & security with Velotix
There’s another major ROI-related correlation within the findings. Respondents reported higher returns for “more mature organizations and where privacy is integrated with security”.
We can help with accelerating your business maturity around data privacy and data governance. Velotix’s architecture includes a provisioning engine that provisions data directly with your data source. You don’t need to duplicate or transfer data. Whether from Snowflake, Hadoop or a proxy – we handle it for you. We also dynamically map your data catalogs, automating permissions through your existing frameworks.
How to deliver dynamic governance & data democratization
Ready to get ahead of ever-evolving trends in data governance, privacy and protection? Meet the only AI-powered data security platform that automatically grants the right access to the right data, at the right time. Explore how Velotix intelligence helps you manage and reshape complex policies dynamically and intelligently. Book a demo to find out how we can take you forward faster.