The last year has been illustrative of how important privacy practices are. Privacy and data security are going to be even more crucial in the coming year. For this reason , Avantika Banerjee, our Legal & Policy Analyst, put together a list of what we can expect to see this year when it comes to privacy. See below for her 2012 predictions:
I. All eyes are on mobile
- With the aggressive and continued growth of mobile usage, there will be a greater need for creating consolidated privacy standards in the mobile arena
- Privacy guidelines will have to clarify the manner in which data is being collected and used
- In keeping with this trend, the MMA released a privacy policy framework for mobile applications, which serves as a starting point; Covington and Burlington has provided a succinct summary and analysis of the MMA framework here
II. Push for data breach notification regulation at the federal level
- The number of data breaches has been consistently growing; to combat this 47 states now have data breach notification laws
- There is no single federal regulation dealing with data breach, and there is going to be a stronger push for such a legislation
III. EU standards will set the bar for privacy norms
- The new proposed EU data protection regulation is set to replace the original EU Data Protection Directive 95/46
- This proposal consists of standards that are more stringent than the current ones
- The new regulation will apply to non-EU companies that interact with data subjects within the EU, or whose activities involve monitoring the behavior of data subjects within the EU; it will impact multiple categories of online service providers
- IAPP (International Association of Privacy Professionals) has provided a brief summary and analysis of the regulation here
IV. COPPA steps up its standards
- Childrens Online Privacy Protection will be a major issue and more stringent standards are going to be applied
- The FTC has proposed amendments to the existing act, in keeping with the changing environment.
V. The FTC plans to release its Privacy Report
- The report titled “Protecting Consumer Privacy in an Era of Rapid Change: A Proposed Framework for Businesses and Policymakers” will be released in early 2012
- This report will play a significant role in influencing privacy practices and will follow up from the original report published in 2010
VI. There will be a greater need for data encryption at all levels
VII. Third party privacy certification providers will be in high demand
- Certification and auditing services will become more prominent as a result
VIII. Privacy Impact assessments will play a stronger role in a company’s security structure
- These assessments will gauge the health and relevancy of a company’s data security and privacy practice
IX. Deceptive privacy practices will be heavily scrutinized
- Company Privacy Policies will be scrutinized at greater length and will have to accurately present the company data practices
- The FTC is going to play a stronger role in aggressively penalizing those companies that are not adhering to their written privacy policies
- Recent examples illustrating this include the settlement with Facebook and ScanScout
X. Privacy by design will become more widely accepted