This year, there has been a whirlwind of activity in the privacy space, from Brazil’s General Personal Data Protection Law (LGPD), whose enforcement provisions took effect in August 2021, to China’s Personal Information Protection Law of the People’s Republic of China (PIPL), which entered into effect November 2021. The world is stirring, and the new year is projected to be the most interesting one yet for privacy and privacy technologies.
Fewer Attempts to ‘Build Your Own’ Privacy Tech
Countless companies that are not specialized in privacy technology have now had the time to try and fail at building their own. Why is this significant? As organizations start to understand that, much like one should not build their own cryptographic tools, privacy tech also requires an extremely high level of trust and must be made by specialists whose focus it is to bring the best products possible to market. Privacy tech cannot just be a side project. This realization that organizations are having means shorter sales cycles and faster growth for privacy companies, so even more extraordinary privacy innovation can hit the market faster.
More Developer Tools
The need for flexibility in how privacy tech is integrated into systems and a greater awareness among developers about data protection regulations is leading to a growth in privacy technologies available specifically for developers by developers. 2022 will be a great year for developers who care about privacy but are struggling to find the right tools to solve their problems.
The Beginning of the Edge
The European Commission’s new IoT Device Security draft law takes a stab at protecting consumers from manufacturers that play fast and loose with their cybersecurity and, therefore, their privacy. With an increase in available IoT devices and stricter security requirements coming up, IoT device manufacturers will have to focus on standardization across devices to make securing them more easy and affordable. We will see organizations taking strides toward real IoT device standardization in 2022.
The Change in Conversation Around AI
Up until now, the conversation around AI, privacy, and the law has been focused, for the most part, around the data processed, how the data are stored, and what rights individuals have to their own personal information and the uses thereof. The European Commission’s draft AI regulation shakes the status quo in one very significant way: The requirements can now, with hopefully soon-to-be powerful backing, include outright bans of specific uses of AI. Thus, before the question of “how can we ask consumers for their positive consent?” companies will have to address “what can we ask consumers to consent to in the first place?” 2022 will see more nations taking the first steps toward banning ethically unacceptable uses of AI and of their citizens’ personal information.
Patricia Thaine is the Co-Founder and CEO of Private AI, a Computer Science PhD Candidate at the University of Toronto, and a Postgraduate Affiliate at the Vector Institute doing research on privacy-preserving natural language processing, with a focus on applied cryptography. She also does research on computational methods for lost language decipherment.
Editor’s note: The views expressed in this article are the author’s and do not necessarily reflect those of Total Security Advisor.