The 2022 USENIX Enigma conference, back in person after two years of being virtual due to Covid-19, brought the topics of data security and data privacy to the forefront of the technical community. Events such as this conference serve as a fantastic opportunity for professionals to share opinions and status updates, making them a melting pot of knowledge that can help entire industries take the temperature of different topics.
To highlight the main takeaways of the conference, 451 Research published the market insight report USENIX Enigma 2022, Part 1: The (very) human element of data security and privacy. In it, Paige Bartley, senior research analyst, describes the too often adversarial mindset management takes against data privacy measures and regulations, instead of viewing the initiative as a business opportunity to get ahead of competitors by gaining consumer trust.
Data regulations have not appeared in a vacuum. Governments are largely acting on civic demand to better protect people’s sensitive information when they are online, leaving the impetus for the idea of data privacy with consumers. B2C businesses in particular can never lose sight of this, especially as technological developments continue to complicate the sphere of data security, making it progressively harder and harder for the average individual to comprehend both the scope of data collection and the many mechanisms therein designed to simultaneously use and protect data.
451 Research’s Voice of the Enterprise: Data & Analytics, Data Management & Analytics 2021 survey captured this well, as 70% of respondents noted that ‘nearly-all’ or ‘most’ strategic business decisions were data-driven. If data is so valuable to businesses, then the people behind the data need equal standing.
In fact, data governance and the changes it has required of organizations has led to multiple positive developments. From the same 451 survey mentioned above, over 30% of respondents noted that data governance initiatives led to faster access to relevant data, a higher quality of data, and fewer IT-related bottlenecks. Data regulations, which governments around the world have begun to embrace as more and more legislation gets passed, do not then need to be viewed as burdens.
This is easier said than done due to the inexact science of capturing exactly what people want, need, and understand about their digital lives. Bartley notes, “often regulations and laws themselves are built atop ambiguous assumptions about human societal dynamics, psychology, behavior, perspectives and technology preferences.”
Data regulations based on the public will inform the business decisions of nearly every major corporation in the world, but the public will is indeed a tricky thing to nail down to a unified, detailed concept. This can result in skewed data regulations largely because, as Bartley points out, “data privacy and data security are often thought of in technological terms … [although] security and privacy are as much of a cultural issue as they are a technical issue.”
Instead of leaning into the variety representative of the public will, an admittedly daunting task, organizations have focused on the technical demands and the problems that arise from failing to meet them. The key then to staying on top of this pain point is to frame the conversation not around the punishment of fines and reputational losses from noncompliance, but from the untapped potential of one of the next market inefficiencies: further embracing all aspects of data privacy.
All aspects of data governance, from data privacy to data residency, are here to stay. The internet grows more governed and segmented with each passing year, and compliance has become perhaps the main cost of doing business on a global level. Instead of dreading the process and reality of data compliance, companies have to take the longer view, that of the human element of the issue. Organizations already have the data, so now they need to utilize it less for marketing and more for improving user experience and being able to cater to different customer needs.
Some businesses are already doing this, but those that prioritize it will clearly set themselves apart in the coming years. With this approach, any company stands a better chance of competing and prospering in an age where data, the through line of modern humanity, represents both people’s lives and business opportunity.