Rethinking the future of privacy

By Daniel P. Frank, Deloitte & Touche LLP

Prior to the effective date of the European Union’s General Data Protection Regulation (GDPR)1, privacy was largely viewed as a “compliance” exercise, with the ramifications for a lack of “compliance” rarely, if ever, necessitating board-level attention. But when the GDPR became effective, the role of the board in consumer privacy changed significantly, whether you were a European Union-based company or not. In what seemed like the blink of an eye, the impacts of noncompliance suddenly mattered and could not be ignored. The privacy world hasn’t been the same since, and it may never be the same again.

Boards must continue to educate themselves on cyber risk and privacy concerns as they work to maintain oversight and provide guidance to their management teams. Boards should be aware of four emerging privacy trends that will impact how they can help organizations manage ever-increasing consumer privacy expectations.

¹ See “What is GDPR, the EU’s new data protection law?” on gdpr.eu.