January 28, 2016 By Cindy Compert 4 min read

This time of year, predictions abound.

I decided to go out on a limb and make a Super Bowl prediction to kick things off. I asked my resident football expert, my 14-year-old son, two questions: “What is a prediction?” and, “Who is going to win the Super Bowl?” His answers: “You use your data to predict what’s going to happen.” Indeed, I agree. Predictions are based on a combination of knowledge, experience, opinions and a bit of wishful thinking.

Because I do not have the knowledge or experience in football, and my wishful thinking of having a winning team in Los Angeles is at least a year out, I’ll use my son’s (wishful thinking) prediction: “The Patriots!” I hasten to add that he made this prediction just before they lost to the Broncos by a scant two points, but it was an educated and valid prediction nonetheless. One thing is for sure: My track record on data privacy is vastly better than for football.

In honor of International Data Privacy Day, I’m going to share my seven predictions on the future of data privacy for 2016, plus a bit on data security since the topics are so intertwined in the technology world. This past year, I logged thousands of miles visiting with clients all over North America and attending conferences. I have also spent a lot of time researching, reading, collaborating with thought leaders and talking with our developers and researchers. So here’s my amalgam of predictions and trends for 2016.

1. You Will Learn a New Acronym: GDPR

The General Data Protection Regulation (GDPR) will replace the current EU Data Protection Directive, phasing in over the next two years. This new regulation will enact stricter guidelines on getting consent for data collection, individual profiling and more comprehensive definitions of sensitive data. It all points to a new imperative to manage data at a granular, data-element level by understanding where the data is located, where it flows, with whom it is shared, what consent is given and when data must be deleted.

What are the implications? Consider managing data at an element level. Identify, track and audit everything — especially any applications that collect highly sensitive data such as biometrics, genomics or health information.

Read the Interactive Solution Brief: Ready, Set, GDPR

2. Data Privacy Will Become a Key Driver in IoT Adoption

Mobile has become the face of the Internet of Things (IoT) for consumers. Smartphones also function as IoT devices and generally have 10 sensors or more — not only for location tracking, but also for monitoring things such as environmental conditions, your mood and your heart rate.

While consumers are adopting new devices where they see value, they are also becoming increasingly wary about data collection and sharing. They expect transparency.

Two recent studies back this up: First, the IoT Privacy Index found 80 percent of users felt the benefits of smart devices did not outweigh privacy concerns. Additionally, more than 85 percent wanted to know more about how their data is collected before using a device.

Second, in a recent Altimeter Group study, 78 percent of respondents expressed discomfort with companies selling their personal data. Nearly half had very low to no trust that connected device data is being used securely and privately.

Consider how you manage consent with regard to data collection and distribution. Provide clear and simple transparent choices around data sharing in exchange for providing value — it builds trust.

3. Big Data, a Big Breach and a Big Deal

I expect we will see the first big data breach in 2016. It’s long overdue. As Hadoop, Spark and others go mainstream and more organizations centralize data for advanced analytics, attackers will advance their skills with Hadoop and NoSQL to keep up.

Big data going mainstream means it will also move out from highly secured, isolated sandboxes to more exposed production environments and the cloud, which means activity monitoring will become more critical.

4. Cloudy With a Chance of Data Leaks

I also expect we will see the first highly publicized cloud breach. In the gold rush toward cloud, I’ve observed that hosting vendors have inconsistent approaches to security and privacy. Due diligence is critical in deciding to partner with a cloud provider and putting your most critical data in someone else’s hands outside your four walls.

Even with the best security, you can still have insider breaches, on the cloud or elsewhere — again, another reason for activity monitoring, whether on-premises or in the cloud.

5. You’ll Learn Where Your Data Is — Always

As analytics moves toward the cognitive realm and self-learning systems make decisions at the speed of processing, there will be more of a push toward managing data in flight — especially sensitive data that is derived or calculated and never stored.

How do you secure and share this data? Implement privacy policies? Ensure that consent is aligned? Start thinking about how you will manage information with this new in-flight paradigm.

6. Data Protection Becomes Risky Business

Risk-based approaches to data protection will continue to evolve and become more sophisticated and automated. Protecting everything equally is a waste of valuable resources. Do you hire an armed guard to watch your garage full of old junk? Decide which data is the most important to protect and requires the bulk of your resources.

7. We’ll Find One Particular Safe Harbor

To quote from a Jimmy Buffett song, “And there’s that one particular harbor / Sheltered from the wind / Where the children play on the shore each day / And all are safe within.”

In Jimmy’s case, that harbor is the breathtaking Cook’s Bay in Moorea, an island in French Polynesia. In the world of privacy, however, that harbor is the former EU Safe Harbor Framework, which was declared invalid on Oct. 6, 2015. The forthcoming replacement is widely anticipated.

Here’s to finding your one safe harbor in 2016 — and hoping your predictions come true.

More from Data Protection

How to craft a comprehensive data cleanliness policy

3 min read - Practicing good data hygiene is critical for today’s businesses. With everything from operational efficiency to cybersecurity readiness relying on the integrity of stored data, having confidence in your organization’s data cleanliness policy is essential.But what does this involve, and how can you ensure your data cleanliness policy checks the right boxes? Luckily, there are practical steps you can follow to ensure data accuracy while mitigating the security and compliance risks that come with poor data hygiene.Understanding the 6 dimensions of…

Third-party access: The overlooked risk to your data protection plan

3 min read - A recent IBM Cost of a Data Breach report reveals a startling statistic: Only 42% of companies discover breaches through their own security teams. This highlights a significant blind spot, especially when it comes to external partners and vendors. The financial stakes are steep. On average, a data breach affecting multiple environments costs a whopping $4.88 million. A major breach at a telecommunications provider in January 2023 served as a stark reminder of the risks associated with third-party relationships. In…

Communication platforms play a major role in data breach risks

4 min read - Every online activity or task brings at least some level of cybersecurity risk, but some have more risk than others. Kiteworks Sensitive Content Communications Report found that this is especially true when it comes to using communication tools.When it comes to cybersecurity, communicating means more than just talking to another person; it includes any activity where you are transferring data from one point online to another. Companies use a wide range of different types of tools to communicate, including email,…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today