DPOInsider #32
Discover more from DPOInsider
DPOInsider #32
Final edition of the year - what's in store for DPOs?
The DPOInsider covers the latest news and developments in data compliance and privacy. The DPO's favourite weekly read ☕️
Looking forward to 2023
It’s that time of year when everyone wants to make a prediction for the next year.
So I thought in this last edition of the year, I’ll cover some of these predictions and give you some ideas of what to expect as we wind down for another year.
So to get started, we’re into this piece where the prediction is that ‘good enough’ won’t be enough in 2023, especially with what they predict will be the rise of the metaverse:
In the coming year, expect to see exponential growth in other types of spatial data, such as a person’s movement or appearance all of which will further complicate data and cyber security experts’ ability to protect these assets. Like the explosive growth of wearables, sensors and IoT devices, data types used for product and UI experiences will continue to expand.
But there will also be more complications for those who operate in the AI space. According to this piece the EU’s AI act will have a huge impact on businesses that use AI to process data:
While the EU’s AI Act may still be in draft form, EU data protection authorities are already applying similar principles assessing, developing, and applying AI under GDPR. As a result, 2023 may give you time less time to anticipate requirements under the AI Act. Further, once in force, the AI Act will apply also to AI products that were developed before the AI Act went into effect.
That post has a lot of predictions and goes into a lot of detail. But it’s interesting to read the section on ePrivacy where there predict the final nail in the coffin for cookies:
More and more browsers are already blocking tracking cookies but expect 2023 to become virtually cookie-less resulting from a dramatic overhaul of the behavioral advertising tech space, once UK regulators and Google get out of the Privacy Sandbox.
This piece suggests that PETs could be a way to leverage data in a way that is still compliant:
Data masking methods available through privacy-enhancing technologies can offer different degrees of privacy, he says. “I think of these like a dimmer switch instead of a light switch,” Touw says, which is either on or off. Legacy methods of controlling data may have been all or nothing, but with PETs, the data could be “fuzzed” so it can still be used but also meets privacy demands. “As GDPR states, if the data is fully anonymized, then you’re not breaking anyone’s privacy by deriving some sort of aggregate metrics from it,” he says. “As soon as you start getting down to targeting individuals, obviously you’re breaking privacy.” PETs allow for big-picture questions about data to be asked without targeting individuals, Touw says.
And as always, it wouldn’t be the end of a year without looking back on the biggest data breaches.
That’s it from me for 2022. I hope you find these emails helpful. Here’s a reminder that you can reply or contact me with any questions, submissions and inquiries you may have.
See you in 2023!
