Like it or not, data protection will be one of the biggest issues organizations face in 2024.
Knowing where to focus compliance efforts will be tricky, with more and more state-level privacy laws becoming effective in the US, creating a patchwork of differing regulations across the country.
Consumers are increasingly aware of how their data is used and are demanding that organizations respect their privacy.
Navigating the complex privacy landscape in the US. With four US states - California, Virginia, Colorado and Connecticut - now having enforceable privacy laws, the situation in the US is especially complex.
It may be tempting for organizations to wait and see how regulations develop or hold on for federal-level legislation; the American Data Privacy Protection Act has been introduced to Congress, although it will take a while to see if it has a chance of coming through the legislative process and being passed into law.
It isn't just legislators pressuring businesses to take their data privacy responsibilities seriously.
Public awareness of how data is collected, utilized and shared is on the rise, affecting consumer behavior accordingly.
Publicity around the EU General Data Protection Regulation played a very important role in educating consumers in the UK about data privacy, with 79% of UK consumers saying that transparency about how their data is collected and used is important to them.
They also recognize the value of their data, with 61% of UK consumers viewing their personal information as an asset that can be used to negotiate better prices and offers with companies.
According to DataGrail's Privacy Trends 2023 report, DSRs - privacy requests submitted by data subjects to access or modify the data a company holds on them - grew by 72% year-on-year between 2021 and 2022.
Organizations must be clear about why they are collecting data and what they plan to do with it.
If they see value in sharing this data, they will - if they are certain their wishes are respected.
Organizations must also stop collecting data for the sake of it.
Businesses should only collect, store and use the data they are permitted to collect to create a great customer experience.
Taking an innovative approach to utilizing data to add genuine value to customer relationships will be appreciated.
Finally, they must find ways of collaborating that don't involve sharing customer data.
Consumers that volunteer their data don't want it to travel across dozens of other companies.
Businesses must adopt a new approach to partnerships involving privacy enhancing technologies such as data clean rooms, that ensure the value of customer data can be realized without ever putting privacy at risk.
While sharing customer data indiscriminately throughout the advertising ecosystem might have been acceptable in the past, legislative requirements and customer expectations have evolved.
Finding new methods of achieving business objectives in ways that fully respect consumer privacy - and that enable innovative collaborations without sharing data with third parties - will allow organizations to unlock new levels of performance and prevent them from being derailed by future legislative changes.
This Cyber News was published on www.helpnetsecurity.com. Publication date: Wed, 13 Dec 2023 06:28:13 +0000