Privacy 2021!

Data privacy became a mainstream topic with GDPR in 2019 and California’s CCPA in effect in June 2020.

COVID brought a different take on this progress. In our earlier article Contract tracing https://medium.com/@credio/privacy-during-a-pandemic-f7dc27c0b0ce we talked about impact of COVID on our personal information.

Today, in these unprecedented times, we are faced with making choices as we need to share more personal (PII) and health (PHI) information to keep us safe. It is truly a matter of life and death.

2021 also started with a bang with Facebook announcing changes to its privacy features on WhatsApp giving unknown apps like Telegram and Signal download spikes. One can argue if Facebook was going to implement the changes or simply test people’s reactions. With over 1.6B active users, Facebook is a lifeline for many people around the world. So, asking for some PII in return to deliver a simple user experience that drives commerce, health information, news, family connections may be a barter.

On the occasion of International Privacy day, Apple announced the ability for a users the option to limit how apps track their digital footprints. The war across between Menlo Park and Cupertino, CA is setting stage for disruption. Will Apple be favored as company giving choice to control personal information or will Facebook eventually try to give users a choice to use its services by giving consent or become another Adobe Flash support on MAC issue which ended on 12.31.2020.

EU is enforced GDPR rules and levied over $195M in fines in 2020 alone. Now comes the regulations that impact transfer of personal data to US and other countries following Schrems II case which ruled against the privacy shield agreement that allows firms to transfer personal data from EU to US.

So, how does 2021 stack up for privacy? While California is trying to get back to its feet, CCPA enforcement may not be on top of the list. EU and countries like India and China will flex their reach trying to regulate use of personal information for a population of 2.5B.

The biggest threat to personal privacy this year will be our healthcare information. Numerous trials, access to vast health data to tackle the pandemic and sharing information at Gyms, restaurants, hotels, airlines, schools as we try to live a normal life puts our personal health data in hands of companies and organizations who are not trained or equipped to protect it. Data protection is not their core strength.

So, let us hope we are past COVID, when as we cannot question the data collection in the name of health risk, but, hope the regulators will build a framework with the leading technology companies on a common data collection framework for health information. COVID saw unprecedented speed in vaccine development but, it also sets the stage to deal with another global health crisis. Some of recent state hacks like SolarWinds can extend to any enterprise and lead to personal data leakage that cannot be reversed.

The best safeguard to data privacy is to ask “why” when someone collects your personal information.