GDPR Trends! 

Since the General Data Protection Regulation came into force in 2018 privacy regulations have surged internationally. Gartner predicts By 2023, 65% of the world’s population will have its personal information covered under modern privacy regulations, up from 10% today. They also predict that by year-end 2022, more than 1 million firms will have appointed a privacy officer


GDPR Trends!

In 2020, the Irish Data Protection Commission (DPC) published it's 2nd annual report covering 2019 and it found that; - 7,215 complaints were received, a    75% increase on 2018. - 712 DPOs (data protection officers)     were registered, bringing the total in     Ireland to 1,596, and; - the category of ‘Access Requests’     was the highest complaint–type     received at 29%.  

Irish DPC Report 2020


GDPR Trends!

In the UK, the Information Commissioners Office (ICO) revealed that in it's 2018/19 report that - The ICO received notice of 13,840 personal data breaches (compared with 3,311 in 2017/2018);  -The ICO issued 22 monetary penalty notices for breaches of the Data Protection Act 1998, with fines of a total of just over £3 million. The largest fines were to Equifax, Facebook, Uber, Yahoo! and the Crown Prosecution Svc 

UK ICO Report 2018/2019


GDPR Trends!

The 2020 ICO report revealed that  - that it had received 38,514 data protection complaints, conducted over 2,100 investigations, taken 236 regulatory actions in response to violations, 54 of which constituted information notices, eight assessment notices, 7 enforcement notices, 4 cautions, 8 prosecutions and 15 fines. - 39% of complaints related to subject access requests, 20% of which were health related.

UK ICO Report 2019/2020


GDPR Trends!

- The top challenge with data privacy reported in the industry is univerally reported to be budget and ability to hire resources. - 57% of US firms are spending less than $250,000 throughout the organization on data protection and privacy measures (CPOmagazine.com)  - 49% say that building a privacy-aware culture and improving governance of data  processing as top priorities for their organization

Top Process Challenges for Firms in 2020


GDPR Trends!

- Careless data sharing (r/w permissions on public stores (e.g. S3, Azure Blob), social / phishing, ransomware, stolen passwords and sending data to the wrong recipients are chronic global problems  

Top Data Privacy Technical Threats

Verizon DBIR Report 2020

GDPR Trends!

The top process failures reported by multiple data protection authorities in the EU include; - Lack of / weak governing statutory     contract controls / BCR's for 3rd     country transfers. - Weak policies for CCTV / Employee      monitoring (e.g. wrongful     terminations cases)  - Inability to respond to subject     access requests (DSAR's) - Marketing failures (e.g. peronsal     information sent to wrong postal       address /  opt-out requests

Top Data Privacy Process Threats


GDPR Trends!

The market for privacy enhancing technologies powered by AI is expected to grow exponentially over the next 4-6 years.  - PET technologies such as    encryption,  anonymisation, data      masking  powered by AI algorithms    such as  synthetic data generation    and federated learning are being    embraced by companies such as    Privitar, BigID, TrustArc and others  - PET's facilitate multiple use cases        such as facilitating data transfer     between multiple parties and     intermediaries, protecting healthcare

Privacy Enhancing Technologies | p1


GDPR Trends!

..  data and financial data and making      test data safer in dev environments. - A common complaint in regulated     firms in general is the burden of       regulatory change which is said to be     grinding down compliance personel     and budgets alike.     Automating processes such as     automatic regulatory policy updates,     finding and de-risking PII data and     generating reports autonomously     are predicted to hold great promise     into the near future.                     Thanks for Reading 

Privacy Enhancing Technologies | p2


Compiled by Paul Rogers - DataPrivacy.ie