Three future privacy considerations
Michael Irene is a data and information governance practitioner based in London, United Kingdom. He is also a Fellow of Higher Education Academy, UK, and can be reached via moshoke@yahoo.com; twitter: @moshoke
On the 8th of December 2022, I was opportune to be at the inaugural Picasso Privacy Award in London. The award housed various privacy professionals and other advocates of privacy, including Chief Executive Officers, CTOs, etc. The aim of the award, according to the organisers, is to celebrate and help establish a movement in the global privacy industry with the sole mission of opening conversations about why the privacy culture should be at the heart of organisations across the globe.
The event was marked with speeches by John Edwards, UK Information Commissioner; Lord Clement-Jones CBE, House of Lords Liberal Democrat Spokesperson for Digital, and Vivienne Artz, co-Chair, Data Privacy Expert Group. What made the event grand, much more than the awards, was the thematic features and similarities embedded in the speeches of these speakers. Three main considerations in privacy came to life in my mental note.
First, was the discussion about the Metaverse. There will be a deluge of entry into this space. According to Globaldata, the market size is valued at $22.79 billion and is looking to grow at a compound annual growth rate of 39.8 percent. The metaverse is a virtual world where users share experiences and interact in real-time within simulated scenarios. Think Roblox, a gaming company, which has dominated this space with their metaverse business structure, selling robux to kids, avatars, etc.
What would be the privacy challenges in the metaverse? I foresee the question of where data will be stored and who would have access control of said spaces and how can metaverses interrelate with other meta-verse — for example, if I was using Meta’s Occulus and I wanted to relate with someone in Roblux’s metaverse, how will that be augmented. These are interesting times and the implication of these will perhaps lead to a radical updating of existing data privacy regulations.
Second, discussions revolved around the place of regulatory supervisory authorities with regards to the support they will give to companies as technology evolves and when companies attempt to start creating new experiences for customers. For example, in 2020, British Airways invested in what they described as airport automation. Their AI-powered autonomous robots help over 100,000 customers navigate through various airport expectations ranging from passport scanning, bag loading, transferring bags to haulage, just to mention those three. Regulation will begin to evolve to meet the advancement in technology. Lord Clement-Jones highlights this point when he says, “regulations won’t rest as privacy will be the pillar of technological advancement.”
Organisations should, as a third take away, consider privacy-by-design as an approach in all their processes, projects, and products. By doing this, they would prevent treating privacy as an afterthought and allow product owners, designers, software developers to think creatively as they launch innovative products. I think most serious organisations with customer centric visions understand that their aim must be to protect and build brand trust.
We are heading to an era where innovations will be directed by creative minds that pay attention to critical areas for improving customer experience and at the same time protect the customer’s rights and freedoms.