According to the latest report from the International Association of Privacy Professionals (IAPP), the privacy technology market continues to show strong signs of growth, primarily driven by new compliance imperatives. Today, organizations have a lot more options when it comes to enterprise privacy tools.
The 2017 Privacy Tech Vendor Report from the IAPP analyzes the various classes of privacy tools that are now helping organizations reach their business and privacy management goals. The scale and scope of new tools being developed suggests a bright future for the privacy technology space, which could really explode into prominence in 2018.
The current and future drivers for the privacy technology market
The primary driver for the privacy technology market, of course, is the upcoming European General Data Protection Regulation (GDPR), which goes into effect in mid-2018. It’s impossible to talk about the future of the privacy technology market without focusing on the GDPR, which places an enormous compliance burden on organizations.
So it’s perhaps no surprise that a major focus of privacy technology vendors has been supplying the types of tools for organizations to reach full GDPR compliance. According to Jedidiah Bracy, Editor for Privacy Perspectives and Privacy Tech at the IAPP, “The GDPR is almost single-handedly driving the growth in privacy technology, and it hasn’t even come into force yet. It’s a little hard to speculate on non-compliance drivers when compliance is driving with a heavy foot on the gas and no stop signs anywhere in sight.”
For now, the enterprise space is where much of the new activity is happening. As Bracy suggests, scalability and efficiency are front and center when it comes to the adoption of privacy tools: “In the enterprise space and in addition to compliance needs, many of the privacy technology solutions we’ve seen also help the privacy office conduct operations at scale and more efficiently.”
The privacy technology market and the growth of innovative new technologies
According to the conventional wisdom, the GDPR will result in a chilling effect on technological innovation, especially with regard to technologies like artificial intelligence (AI) and machine learning, both of which are very dependent upon a free flow of data within the enterprise. However, as a roundtable of experts recently opined at a GDPR innovation briefing in Brussels, the opposite could be true: the GDPR could lead to a growth in the adoption rates of innovative technology.
The IAPP report echoes those findings. As the IAPP points out, privacy tools are evolving in ways that were not originally expected. For example, AI has shown surprising promise in helping organizations deal with the vast amount of data that they are creating, and then find a way to map it and extract value from it, such as through the development of new data-driven products.
As Bracy suggests, new AI technologies are actually very complementary to some of the privacy tools being developed for organizations: “In the enterprise space, some of those disruptive technologies, namely AI, are being leveraged to help organizations discover sensitive data they didn’t know they had, create dynamic data maps of where that data is located and flowing to and from.”
One important point to keep in mind, says Bracy, is that in order to reach full compliance with GDPR, organizations cannot work directly with the data of individuals without their specific consent. Thus, the race is on to alter or anonymize the data such that the identity of the original user is no longer known. The IAPP report mentions tools based around de-identification or pseudononymization technologies, as well as new types of consent technologies. As we’ve seen before with the healthcare and pharmaceutical markets, this is a compliance approach that is relatively convenient to implement, while not acting as a brake on innovation.