HomeBlogHow Companies Can Leverage Their Data in The Compliance Era

How Companies Can Leverage Their Data in The Compliance Era

February 25, 2020 by Shiri Lemel

The global data landscape is quickly moving in a new direction that requires all businesses to meticulously review, and in some cases, completely overhaul their data management processes. In May 2018, the European Union introduced its historic General Data Protection Regulation (GDPR) legislation, and on January 1st, 2020, the California Consumer Privacy Act (CCPA) officially came into effect. More recently, the news around the proposed creation of a US Federal Data Protection Agency as part of a new ‘Data Privacy Act’, further illustrates how the scales are tipping in favor of the individual in a big way. In 2020, the need for businesses to be ready for the challenges posed by tightening regulatory constraints has never been more pronounced. In a spirited medium post, Senator Kirsten Gillibrand, the driving force behind the Data Privacy Act, specifically called for the deployment of Privacy-Enhancing Technology (PET) to help eliminate the wide-scale collection of personal data.

 

Regulations like GDPR, CCPA, and the proposed Data Privacy Act ultimately prioritize a user’s right to privacy over the commercial interests of enterprises – a paradigm shift that elevates the credentials of PET as a mechanism to facilitate the confluence of data monetization, cross-organizational collaboration, and protection of user privacy. 

 

With enterprise data increasingly seen as the new oil, its value has soared dramatically over the last decade. Companies intent on exploring new ways to harness the data they collect often do so at the expense of user privacy. With great power comes great responsibility, and large businesses are slowly coming to terms with the sizable role they must play in protecting the privacy of valuable consumer data. As CCPA kicks into full gear, an estimated $55 billion is expected to be spent by Californian enterprises on compliance-strengthening measures. While this kind of expenditure might send shivers down the spines of company executives, enterprises can still use their data for cross-organizational collaboration to advance commercial interests, gain efficiencies, and mitigate risk – while staying within the confines of regulatory frameworks –  by turning to the latest PET innovations including Zero-Knowledge Proof (ZKP) cryptography, multiparty computation, and homomorphic encryption. 

 

Cryptographically-secure, privacy-enhancing techniques like these can be deployed across a variety of business verticals, helping enterprises adapt to the compliance era with a renewed sense of confidence, while facilitating data usage collaborations that don’t undercut the privacy of sensitive business data.

 

This new reality is already extending to areas such as insurance and finance, with bespoke use-cases facilitating fraud detection between insurance competitors as well as intelligence-sharing among banks to identify financial crimes. PET use-cases are also permeating the identity and certification management fields, helping technology and service providers strengthen enterprise alliance partnerships. PET-enabled accreditation verification processes can drive new business opportunities while upholding the privacy of personal records. I expect this use-case list to become more populated in 2020. With US Sen. Kirsten Gillibrand spearheading an effort to enact a US Data Privacy Act, it is safe to say that this data privacy movement will endure in the years ahead. However, enterprises that are downbeat at the prospect of grappling with rigid regulatory frameworks have cause for optimism. The latest PET innovations are not only geared towards ensuring regulatory compliance, but they open the door to new revenue streams in the form of privacy-upholding data collaboration with other enterprises.

 

This new era of data regulation brings unprecedented challenges to data-driven enterprises — however, this doesn’t mean that explorative data monetization needs to be curtailed, but it does need to be regulated. The tide is gradually beginning to turn and upholding users’ data privacy through regulatory compliance will become the de-facto standard globally. By acting now and making changes to data management processes through the latest innovations in PET, enterprises can have the best of both worlds – riding a wave of regulatory compliance that empowers companies to maximize the value of their data through mutually beneficial cooperation with enterprises in their ecosystem.