What 2022 has in store for data privacy
As we turn the page to 2022, the Data Protection Excellence (DPEX) Centre, the learning and research arm of Straits Interactive, released its annual regional data protection trends forecast with the following five predictions for 2022:
Ongoing data and privacy breaches, especially due to COVID-19. The COVID-19 pandemic has expedited digitalization in all walks of life, creating risks and vulnerabilities leading to an increase in breaches. In 2021, there were cases such as breaches in government contact tracing apps (Malaysia, Indonesia) being reported in the news.
In addition, increased spamming activities from organizations seeking to generate revenue for business survival are also expected. Also, pandemic-related tracing activities, e.g., the verification and monitoring of vaccinated individuals and those with COVID-19, pose risks to organizations if data is not handled properly and stored safely.
Therefore, companies will need to be more vigilant and implement both data privacy and security measures in order to comply with the data protection regulations.
Intrusive home surveillance due to work-from-home practices. Many organizations have opted for continued work-from-home (WFH) arrangements for the purpose of business continuity and also with their employees’ well-being in mind. However, some organizations may have also implemented surveillance and monitoring software to ensure that employees are actually working and not abusing this work arrangement. The surveillance and monitoring technologies can be considered intrusive and breach data privacy requirements.
In this case, DPOs will need to assess any relevant risks, conduct data protection impact assessments on new monitoring software and surveillance measures, as well as ensure WFH policies align with these new projects.
Continued interest in certification for both organizations, i.e., DPTM, and individuals. There is the continued adoption of Singapore’s Data Protection Trustmark (DPTM) as a seal of approval for local organizations to demonstrate data protection accountability.
Meanwhile, a new Philippines privacy certification, Philippine Privacy Trust Mark, for organizations demonstrates the region’s desire to boost consumer confidence in organizations’ management of personal data and to provide a competitive advantage for businesses that are certified.
In addition, an increasing number of individuals are seeking formal privacy expertise and training in order to advance their careers and pursue job opportunities. The Singapore and Philippines authorities continue to lead the way in the Asean region in encouraging local data protection officers and professionals to be certified.
More regulatory attention on big tech, including social media, internationally spilling into Asean. In 2022, the DPEX center also expects more enforcement against social media and online companies for intrusive privacy practices and illegal processing. Last year, China’s government ordered Didi, a leading ride-hailing platform in the country, to be removed from app stores for issues relating to the firm’s collection and usage of customer data. Enforcement by the authorities is expected to increase in 2022 as regulatory attention on big tech companies will set the stage for more organizations to find themselves in violation of data protection laws.
Strong demand for data protection officers to continue in the region. This year, all of the Asean region’s founding members will have data protection laws in place. With China having enacted its Personal Information Protection Law in November 2021 and India expected to introduce its own data protection law after years of deliberation, the entire region seems to be pressing the reset button on data privacy.
Even in 2021, countries that have existing data protection laws have updated and introduced amendments to the law. For instance, Singapore updated its Personal Data Protection Act with new amendments and requirements.
With these five predicted regional data protection trends, the data privacy and protection landscape is about to undergo a major transformation, and it is vital for organizations to remain aware and make relevant decisions to keep up with these changes.
* * *
Kevin Shepherdson is CEO and founder of Straits Interactive.
