Stay informed with our newsletter.
.webp){kind=spacer}
EN
.webp)
The anticipated data privacy trends for 2024 and 2025 include heightened regulatory scrutiny globally, an emphasis on robust data protection measures, integrating privacy into product design, increased focus on biometric data protection, and ongoing discussions regarding the ethical use of AI technologies in relation to privacy concerns.
Americans are worried about data privacy.
Search volume for “Meta privacy” grew rapidly in 2022 and 2023.
Many are concerned about how the government is using their personal data while others are worried about how AI will affect the privacy of their data.
It’s no surprise then that 72% of Americans support increased privacy regulations. But that’s just one factor influencing today’s data privacy landscape.
Keep reading to learn about five privacy-related trends to keep an eye on. We’ll cover specific trends for users and businesses, plus discuss the latest privacy-enhancing tech solutions.
Social media platforms are notorious for collecting data on users.
This data feeds algorithms and enables brands to target specific users in their advertising.
However, the sheer amount of data collected by social media platforms is staggering.
Reports show Meta platforms (Instagram, Threads, and Facebook) track and collect 86% of a user’s personal data.
Lack of privacy on Threads, especially, was noted when the platform debuted in the summer of 2023.
TechCrunch called it a “privacy nightmare.”
The app collects data on everything from search history to financial data to the user’s precise location.
The privacy concerns were so serious that the app was not allowed to launch in the EU (which has stricter privacy laws than the U.S.) until December 2023.
And, some social media platforms are even collecting data on non-users.
One cybersecurity report noted that TikTok’s pixels are present on a wide range of websites and collect a host of data on non-users and users who have deleted the social app.
Americans are becoming increasingly unhappy about the lack of privacy on social networks.
A survey from the Pew Research Center shows that 76% of Americans fear that leaders of social media companies will sell their personal data to others without their consent.
This is especially true when it comes to children.
The Pew Research Center reports that 89% of Americans are concerned about social media platforms collecting data on children.
Despite the privacy concerns, Americans continue to use social media.
There are more than 302 million users in the U.S. and a penetration rate of 91%.
Surveys show this is mainly due to apathy.
Nearly one-third of users say it’s too difficult to protect their data no matter what sites they use, and that’s the main reason they still use social media despite the lack of privacy.
Others say their personal data isn’t private anywhere.
The mass introduction of AI systems over the past year has many tech experts, business leaders, and consumers sounding the alarm about potential privacy concerns.
One-third of businesses surveyed by IAPP said AI governance was a top priority in 2023.
A major part of that governance is ensuring the privacy of company and customer data.
A survey from Zendesk showed 84% of IT leaders reported an increased importance of deploying AI and 87% of them are investing in data privacy and cybersecurity solutions as part of their deployments.
One concern is that employees may not realize the sheer lack of privacy when sharing data with open AI systems.
For example, Samsung employees leaked secret code to ChatGPT in three separate events during the spring of 2023 and the company subsequently banned the use of the AI tool.
Several banks, like CitiGroup and JPMorgan Chase, have also banned ChatGPT.
In addition, Apple has banned GitHub’s Copilot, an AI-powered programming tool.
It’s not just businesses that are concerned about the data privacy implications of using AI. Many consumers view AI as a threat to privacy, as well.
Nearly 60% of global consumers say AI is a significant threat to their privacy
When AI models are trained, they often obtain and use personal data. This data may include sensitive information like addresses, financial information, medical records, and social security numbers.
The larger problem is that cybercriminals may reverse engineer AI systems to gain access to specific data and personal information.
In some cases, the AI systems can do this on their own. It’s called “predictive harm.”
The complex algorithms and capabilities of AI systems enable it to take a handful of seemingly unrelated data and use it to predict very sensitive attributes about a person. That could include things like sexual orientation, health status, and political affiliation.
In addition, once an AI tool has been trained on this kind of personal data there’s virtually no way to remove it.
Tech experts say the only way to remove the data is to delete the AI model in its entirety.
Data from IBM shows the average cost of a data breach in 2023 was $4.5 billion. That’s 15% more than just three years ago.
According to the Identity Theft Resource Center, there were 2,116 data compromises in the first nine months of 2023 alone.
Through those compromises, criminals got their hands on the data of 233.9 million people.
The Identity Theft Resource Center noted that phishing and other social engineering attacks are one of the most frequently reported causes of data breaches.
A particular type of social engineering called pretexting is on the rise.
This term describes the process of hackers creating believable stories, or pretexts, in order to convince individuals to trust them. They often make it appear as if their messages come from someone the target trusts, like a friend or boss. Once they have that trust, they’re able to extort sensitive information and data.
This can happen via email, voice, or texting.
A report from Verizon showed 50% of all social engineering attacks from November 2021 to October 2022 were pretexting attacks.
One of the most successful hacking groups, Scattered Spider, frequently uses text-based pretexting and fake phone calls as part of their strategy.
Ransomware is also on the rise. That’s according to a recent report commissioned by Apple.
The report found a 70% increase in ransomware attacks in the first nine months of 2023 compared to the same time period in 2022.
Minneapolis Public Schools fell victim to a ransomware attack in March 2023.
The school refused to pay the $1 million ransom and 300,000 files filled with private student and employee data were leaked on the dark web.
In another incident, the City of Dallas was attacked with ransomware in May 2023.
The stolen data included “tons of personal information of employees (phones, addresses, credit cards, SSNs, passports), detailed court cases, prisoners, medical information, clients’ information, and thousands and thousands of governmental documents.”
Information provided to insurers and medical professionals is strictly safeguarded by HIPPA.
But in today’s world, that’s not nearly enough protection.
Nearly 75% of individuals are concerned about the privacy of their medical data.
Their fears are not unfounded.
In 2023 alone, more than 540 organizations reported data breaches to the HHS Office.
Those breaches impacted 112 million individuals—more than double that of 2022.
In addition to cyber threats, there are less malicious threats hidden online.
Any medical data that’s typed into a search bar, entered in an app, or tracked on a wearable is not protected by HIPPA. Many times, that data isn’t protected at all.
If the data is protected, it’s up to the company collecting the data to keep it safe.
But lately, there have been many incidents in which healthcare data has been tracked or sold without users’ consent.
Take GoodRx, for example.
The company led users to believe their data was safe under HIPAA protections, and the company assured users it would not sell the data.
GoodRx, however, sold the data to Facebook, Google, and other businesses.
The FTC got involved and fined GoodRx $1.5 million.
The mental health app BetterHelp was fined $7.8 million for similar actions.
Lawmakers in Connecticut, Washington, and Nevada have passed legislation that expands the protection of what they call “consumer health data.” That mostly covers any sensitive medical data that’s not already covered by HIPAA.
The laws require users to opt-in to data collection. They also specify that entities must give users a way to revoke their permission.
Privacy-enhancing technologies (PETs) allow businesses to leverage their data while protecting it.
Gartner predicts more than 60% of large businesses will employ at least one PET solution by 2025.
PETs work by keeping data essentially hidden while a researcher or business user is accessing it—both privacy and utility are preserved.
These tools cover everything from data collection, processing, analysis, and sharing.
In recent months, there’s been increased interest in fully homomorphic encryption (FHE) of data.
Data with homomorphic encryption allows users to perform computations on encrypted data without decrypting it.
This type of data protection comes in three levels: partial, somewhat, and full.
In FHE, users have total flexibility to perform any operations on the data and retain its encryption.
FHE software has long been out of reach for most because it’s computationally intensive and up to 1,000 times slower than other types of data processing.
But that’s set to change in 2024.
There are at least six companies vying to commercialize chips that can utilize FHE in a fast, efficient manner. To be usable, the chips would need to reduce the computing time from weeks down to just seconds.
The technology could offer enhanced privacy in areas like financial records, medical data, and blockchain.
Another privacy-enhancing technology that’s gotten a lot of attention lately is the concept of data clean rooms.
These virtual spaces provide a secure way for advertisers and media companies to share data. This allows advertisers to see the impact of their campaigns across platforms and publishers.
According to the Interactive Advertising Bureau, 64% of companies using PETs are employing data clean rooms as part of their overall strategy.
In mid-2023, Paramount launched a data clean room.
NBC, Roku, Disney, and Clear Channel Outdoor have them as well.
That’s all for the top five data privacy trends happening right now.
Concerned consumers are likely to continue their calls for more laws and regulations aimed at protecting their data. At the same time, new technology like AI has the potential to introduce even more privacy issues.
In the coming years, PETs are likely to play a key role as businesses deploy enhanced data privacy strategies. Organizations wanting to stay ahead of malicious threats will be looking for advanced cybersecurity solutions, as well.
Sourced from Exploding Topics
