Keeping up with changes in data privacy laws is proving to be the biggest challenge for businesses, according to a recent survey. Respondents highlighted the difficulties in tracking legislative changes and understanding the differences between state laws in the US. Additionally, they mentioned the struggle of adapting to new or changing requirements in Europe, such as the General Data Protection Regulation (GDPR).
Budget constraints and lack of staff were also cited as major obstacles in effectively addressing data privacy concerns. In the US, 52% of respondents mentioned budget issues, while 45% of UK respondents faced the same problem. Similarly, 42% of US respondents and 39% of UK respondents mentioned a lack of staff as a hindrance. Management approval problems were also listed, with 30% of US respondents and 23% of UK respondents facing challenges in obtaining the necessary support. Additionally, respondents indicated a lack of leadership as a factor impacting their data privacy efforts, particularly in the US where 21% of respondents mentioned this as a challenge.
The survey also revealed that understanding the data held within an organization is a key challenge for businesses. This aligns with the finding that many organizations have not made significant progress in data mapping – a process that involves identifying and documenting the types of data held, its sources, and how it is processed. Failure to have a clear understanding of the data being handled can result in compliance issues and potential data breaches.
When it comes to data privacy concerns, cybersecurity and data breaches topped the list for both US and UK respondents. Executives in the UK expressed greater concern in this area. In particular, retail and financial services industries indicated a higher level of concern, with 42% and 41% respectively selecting a “high level of concern.” US respondents ranked litigation and regulatory enforcement action as their second-highest concern, while UK respondents were split between the loss of customer loyalty/trust and the cost of compliance with privacy laws. Interestingly, US respondents expressed more concern about not fully utilizing data for maximizing sales and revenue, whereas UK respondents were more focused on the cost of compliance.
The discrepancy in concern between the US and UK can be attributed to the different legal frameworks governing data privacy in each region. The European Union, with its GDPR, has long provided a legal framework to protect privacy rights, while the US has traditionally relied on sector-specific and reactionary laws. The introduction of new state omnibus privacy laws in the US aims to empower consumers and impose proactive requirements on businesses. This shift reflects a growing effort to give individuals control over their data, especially when it is used for monetization purposes.
The survey also revealed that geolocation data privacy is a significant concern for respondents. In the US, 40% of respondents expressed very high concern over privacy laws that restrict the collection and use of precise consumer geolocation data for targeted marketing. This concern was slightly lower in the UK, with 32% of respondents expressing the same level of concern. US respondents also placed more emphasis on the potential loss of insights and revenue associated with geolocation data. In contrast, UK respondents showed greater concern about securing consent from consumers and defining the specific business purposes for using such data.
As businesses navigate the complex landscape of data privacy, new challenges are emerging with the adoption of emerging technologies like AI and biometrics. The survey found that 22% of businesses have started using AI in the past year, driven by the popularity of generative AI technologies like OpenAI’s ChatGPT. While these technologies offer opportunities for innovation and improved customer experiences, they also pose new privacy challenges that need to be addressed.
Overall, the survey highlights the ongoing struggle for businesses to keep up with ever-changing data privacy laws and regulations. It underscores the need for organizations to allocate appropriate resources, including budgets and staff, to effectively address data privacy concerns. Additionally, businesses must enhance their understanding of the data they hold and proactively comply with privacy laws to gain and maintain consumer trust. As new technologies continue to evolve, companies will need to stay vigilant in ensuring data privacy while leveraging these advancements to drive business growth.