Keeping up with data privacy law change the biggest challenge
Keeping up with data privacy law changes represents the biggest challenge for respondents. Hurdles include tracking the status of legislation and differences between state laws in the US (59%), as well as adapting to new/changing requirements in Europe (55%). Budget issues (52% US, 45% UK), lack of staff (42% US, 39% UK), management approval problems (30% US, 23% UK), and lack of leadership (21% US, 10% UK) are other data privacy challenges impacting respondents. Understanding the data held within the organization is also a key challenge for both groups – which tracks with organizations’ lack of progress on data mapping, the report says.
Cybersecurity the top data privacy concern
Cybersecurity/data breaches is the number one data privacy concern among those polled, with UK executives expressing particular concern. Retail and financial services respondents score higher than all other industries, with 42% and 41%, respectively, selecting “high level of concern.”
US respondents’ second-ranked issue is litigation and regulatory enforcement action, while in the UK, the runner-up spot is split between loss of customer loyalty/trust and cost of compliance with privacy laws. Interestingly, US respondents are more concerned about not fully using data to maximize sales/revenue and less concerned with the cost of compliance than their UK counterparts.
“Privacy is a fundamental right in the EU, and the GDPR and its predecessor directive have provided longstanding legal frameworks to protect those rights,” wrote Cho. “In contrast, US laws have historically been sectoral and reactionary. For instance, what happens if personal data is breached? These new state omnibus privacy laws impose proactive requirements, and the main impetus is to empower consumers with rights over their data, particularly when that data is being monetized.”
The research also highlights notable concern among respondents in relation to geolocation data privacy issues. In the US, 40% of respondents are very concerned about privacy laws that include specific restrictions on collecting and using precise consumer geolocation data for targeted marketing purposes, versus 32% in the UK. US respondents also place more focus on losing the insights that geolocation data provides (35% versus 26% of UK respondents), as well as associated revenue (24% versus 22%). UK respondents, meanwhile, are more concerned about securing consent from consumers (56% versus 51% of US respondents) and defining the specific business purpose (55% versus 50%).
AI, biometrics coming into the data privacy equation
Evolving technologies such as AI and biometrics are coming into the data privacy equation, both introducing their own opportunities and challenges. Businesses are accelerating their adoption of AI technologies with 22% having started using such technology in the past year alone, driven by the skyrocketing popularity of generative AI such as OpenAI’s ChatGPT.