The introduction of GDPR just over two years ago set the train in motion for a prolonged phase of data privacy recalibration, igniting a movement of citizen empowerment around the privacy of Personally Identifiable Information (PII). Over the course of the last 24 months, tightening regulatory constraints have forced enterprises to come to terms with a new reality in terms of how they handle, manage, and monetize individuals’ data, incentivizing the wide scale overhaul of data management strategies.
In fact, a new report suggests that a resounding 97% of organizations will increase their spending on data privacy in the coming year, with nearly one third indicating plans to increase budgets by between 90% and more than 100%. Let those statistics sink in. We are talking about wholesale changes to cross-sectoral data management, with the privacy of the individual finally being prioritized over corporate interests at scale.
With such expansive budgetary measures on the horizon, the focus turns to the types of compliance-enabling solutions that will resolve these types of regulatory headaches from an industry perspective. In Europe, non-compliant companies can be confronted with fines of up to 4% of their global annual revenue, if the associated breach violates basic principles for processing data such as consent conditions. While Europe has led the charge on the privacy regulation front, the US hasn’t been far behind. The introduction of the GDPR-inspired California Consumer Privacy Act (CCPA) was in keeping with the naturally progressive West Coast, but calls for a nationwide Data Protection Agency have never been so visceral. A new ‘Data Privacy Act’ – as outlined by Senator Kirsten Gillibrand in her Medium post— would be a landmark moment for the US. Senator Gilllibrand specifically discussed the potential for Privacy Enhancing Technology (PET) to be deployed as a means of undercutting the corporate collection of personal data, and re-setting the data privacy scales in favour of the individual.
In parallel to the monumental legislative frameworks such as GDPR and CCPA, the technological advances being made in the field of PET and Distributed Ledger Technology (DLT) more broadly, signal a paradigm shift in the way companies collate and share data. Blockchain technology can be harnessed to reimagine how data is valued, shared, and protected, for individuals and enterprises alike. For example, the establishment of decentralized data marketplaces can empower individuals and businesses to share data in a trusted environment. By generating bespoke decentralized IDs, individual and corporate users can securely store and share data in these marketplaces, while maintaining full control over this data.
So why is this kind of decentralized marketplace important? For one, it addresses a long-standing privacy dilemma for enterprises. For many companies, the sharing of information based on proprietary data has been a delicate topic for decades and taking a cautious approach is particularly understandable due to the heightened scrutiny around how enterprises share user data. Companies have troves of confidential data that they wish to protect for business and legal reasons, but they also recognise the benefits of inter-company collaboration. Peer-to-peer cross-platform data trading technology, as enabled by blockchain, can make sure that this is no longer a zero-sum game.
Before the pandemic, a report by the International Data Corporation (IDC) Worldwide had projected European blockchain spending to hit $1.4 billion in 2020, with a Compound Annual Growth Rate (CAGR) of 58% between now and 2023. Following the broader economic curtailment stemming from the Coronavirus, the IDC has revised down this lofty projection by 8%, but the outlook for wide scale blockchain adoption remains positive, characterised by the European Commission’s broadly holistic approach to leveraging blockchain technologies, with the end goal of assertively positioning Europe at the forefront of blockchain innovation.
At a time when the data privacy landscape has been redefined by a litany of new acronyms – think GDPR, CCPA, PII, and PET — recalibrating the data privacy landscape will take a concerted effort from industry, academia, and government officials. Thankfully, blockchain-powered solutions and cryptographic strands are coming to the fore, enabling the formulation of decentralized marketplaces, while facilitating the types of secure cross-enterprise collaboration that were once confined to the conceptualizations of utopian visionaries.