In 2021, Consumer And Stakeholder Privacy Is About Defining Trust

As business and nonprofit leaders navigate the Fourth Industrial Revolution, consumer and stakeholder privacy has become a matter of defining trust. As new digital services and connected devices fueled by personal data flourish, consumers’ reasonable expectation of privacy shifts. If expectations do not match reality, it can lead to gaps in trust and new paths for litigation and regulatory enforcement. 

Recent regulatory actions signal that privacy will be center stage in 2021. Whether you are in Washington, D.C., Ottawa, Sacramento, London, Brussels, or New Delhi, regulators’ attention has turned to enforcing privacy rights and defining data flows. This trend underscores the need for leaders to take stock of their own privacy practices, policies, and procedures to ensure their organization follows through on stakeholder promises and avoids litigation. 

Here are a few 2021 privacy developments business and nonprofit leaders should note. 

Balancing Privacy And Cross-Border Data Flows 

As the incoming Biden administration confronts the ongoing public health and economic crises, facilitating global digital trade while balancing privacy concerns will be critical. In the aftermath of the Court of Justice of the European Union Schrems II decision, the regulatory burden and associated risks for the transfer of personal data to the U.S. from the EU and U.K. have significantly increased.

U.S. businesses are operating in a compliance environment where no existing data transfer mechanisms are guaranteed to fully satisfy EU regulators. As a result, most choose to shore up their existing privacy commitments with additional safeguards, building on transparent frameworks like Privacy Shield to demonstrate their public commitment to EU principles. It is only through such mechanisms that businesses can continue to combat the rise of data localization rules and preserve the flow of personal data across borders. While U.S. organizations return to privacy-first principles — documenting their data flows, transfer tools, and contracts — the U.S. Department of Commerce is in active dialogue with its counterparts about the future of transatlantic data transfers, with an agreement expected in 2021.

More Scrutiny Over Data Collection And Monetization 

The broad impact of online platforms in consumers' daily lives will continue to be on the minds of many in 2021. Regulators have begun to investigate how the digital marketplace, with its reliance on personal data, may require a reconsideration of privacy and antitrust standards to discrimination and misinformation. In addition to filing a well-publicized antitrust case against Facebook, the Federal Trade Commission (FTC) announced in December 2020 an inquiry into data collection practices at nine social media and video streaming companies, including YouTube, Facebook, Reddit, Twitter, Discord, and TikTok’s parent company ByteDance.

Making Strides In Child And Teen Online Privacy 

The need to adapt privacy practices is even clearer when it comes to children and teens. Twenty years ago, the FTC’s original Children’s Online Privacy Protection Act (COPPA) Rule was designed to place parents in control of the personal information collected about their children online. In 2000, it would have been impossible to imagine how the internet and apps would become a ubiquitous part of our children’s lives. For COPPA to remain effective, we need to ensure that the factors that define "directed to kids" are updated to appropriately address today’s online services and platforms.

The FTC is currently conducting a COPPA Rule review. Before changes are finalized, the FTC is likely to scrutinize the edtech and digital advertising spaces more.

There are similar yet unaddressed challenges in the teen space. Teenagers are major participants in the digital ecosystem. Proposals from lawmakers to raise the age for COPPA as one way of addressing emerging teen privacy concerns leaves much to be desired. The FTC has raised questions about how teens interact with social media and video streaming services as part of its ongoing inquiry. To me, in 2021, industry leaders must come together to identify a forward-looking approach to teen privacy that recognizes the unique needs of this demographic.

Health Data And The Technology That Enables It 

The coronavirus pandemic has put the immense value of interoperable health data squarely in the spotlight. The expanded availability of data related to individual health is outpacing the development of regulatory safeguards to protect the public. Today, companies that operate on numerous platforms may end up with access to more data from which to make health inferences than a doctor’s office. Yet these technology companies are often not covered by existing health privacy laws. 

More work is needed among stakeholders in this space to ensure that the privacy protections consumers expect are preserved when their data is processed by third parties, including connected devices and mobile apps.

Prioritizing Privacy

For all organizations, challenges revolving around the use of private information will only increase in 2021. While the FTC and recent California privacy rules often do not have jurisdiction to regulate charities and many nonprofits directly, stakeholders expect nonprofits to meet the same global standards for privacy protections that businesses are embracing, and we will see whether the incoming Congress prioritizes federal omnibus privacy legislation. 

Many more privacy developments loom on the horizon, from the demise of cookies to contact tracing and the acceptance of connected cars. The organizations best prepared to meet these challenges will be those that keep consumer privacy top of mind, embracing policies and practices that go beyond compliance to provide individuals with a sense of empowerment over their data.

Originally published on Forbes.