More than 40 per cent of privacy compliance technology will rely on artificial intelligence (AI) by 2023, a five per cent increase from today, according to a new survey from Gartner.
And while the 2019 Gartner Security and Risk survey didn’t include Canada, it did shed some light on how organizations are going to spend their money to remain privacy compliant.
“Privacy laws, such as GDPR, presented a compelling business case for privacy compliance and inspired many other jurisdictions worldwide to follow,” said Bart Willemsen, research vice-president at Gartner, in a press release highlighting the survey results. “More than 60 jurisdictions around the world have proposed or are drafting postmodern privacy and data protection laws as a result. Canada, for example, is looking to modernize their Personal Information Protection and Electronic Documents Act (PIPEDA), in part to maintain the adequacy standing with the EU post-GDPR.”
Canada made amendments to PIPEDA that came into effect Nov. 1, 2018. In an attempt to maintain the adequacy standing with the EU after the enactment of GDPR, these amendments require organizations to report data breaches that are significantly harmful. Mandatory breach notification requirements have increased the number of reported claims, leading to a restructuring of claims costs for insurers, Canadian Underwriter noted in a recent article.
With a continuous rise in online crime, and threat actors around the world growing more and more sophisticated, it is getting increasingly difficult for privacy leaders or businesses to spot the red flags or prevent them. Privacy leaders are therefore under continuous pressure to make sure all personal data that is processed is safe and under control, and this is going to be very cost-intensive and difficult to manage without the use of technology.
Moreover, the ability of an organization to swiftly and effectively handle subject rights requests (SRRs) is at the forefront of a positive privacy user experience (UX). According to the survey, the majority of organizations fail to deliver prompt and precise responses to the SRRs they receive.
Two-thirds of survey participants indicated it takes them 15 or more days to respond to or handle a single SRR. Performed manually at most times, the average costs of these workflows are about CA$1,860, which accumulate over time. As a result, there is an ever-increasing need for AI-powered applications to reduce manual workloads and enhance precision to tell real from fake.
“The speed and consistency by which AI-powered tools can help address large volumes of SRRs not only saves an organization excessive spend, but also repairs customer trust,” said Mr. Willemsen. “With the loss of customers serving as privacy leaders’ second-highest concern, such tools will ensure that their privacy demands are met.”
In addition, the global privacy spending on compliance tooling will increase to $8 billion by 2022, the report noted. Gartner expects that the purchasing strategies of the connected stakeholders, including those of CIOs, CDOs and CMOs will be impacted by privacy spending.
“Today’s post-GDPR era demands a wide array of technological capabilities, well beyond the standard Excel sheets of the past,” said Mr. Willemsen. “The privacy-driven technology market is still emerging,” he added. “What is certain is that privacy, as a conscious and deliberate discipline, will play a considerable role in how and why vendors develop their products. As AI turbocharges privacy readiness by assisting organizations in areas like SRR management and data discovery, we’ll start to see more AI capabilities offered by service providers.”
The 2019 Gartner security and risk survey was carried out over a one-month period, from March 2019 to April 2019, to gain a better understanding of how risk management planning, operations, budgeting and purchasing are performed. This was an online survey which was conducted among 698 respondents in Germany, India, Brazil, the U.S. and the UK. Qualifying organizations have at least 100 employees and $50 million (USD equivalent) in total annual revenue for fiscal year 2018.
The Gartner IT Symposium/Xpo 2020 will present additional analysis on improving business, which is scheduled to be held in Toronto from May 11-14, 2020.