I had the privilege to attend IAPP’s Global Privacy Summit (GPS) 2023 from April 3 – 5. I was onsite with other members of the DataGrail team including Senior Manager for Corporate Marketing, DeAndrea Salvador, and Director of Partnerships, Matt Rubright. Our booth was the hot meeting place — we served fancy coffee, hosted a book signing with keynote speaker Danielle Citron, and spoke with new and potential customers about why data privacy program automation is so critical right now.
It was great seeing longtime privacy friends and meeting new pals along the way. I even got to meet a few of my personal privacy heroes — hey Rick, hey Alastair! Meeting them in person was a highlight for me! For those unable to attend, I’m excited to share the DataGrail team’s recap looking at five of the important trends and takeaways we saw this year. Let’s dive in.
Privacy Teams Support Business Ethics
Something very interesting we heard at GPS concerns the increasing number of privacy professionals working with company Environmental, Social, and Governance (ESG) teams, and that more companies are looking into vendor ESG concerns.
ESG teams focus on ethical business practices and the interaction between privacy and ESG means more groups — consumers and businesspeople — equate how companies treat data privacy with being ethical. Organizations need to ask themselves if it’s ethical to collect someone’s data in the first place, what they plan on doing with the information, and if the use of that data could harm anyone.
As this trend continues, businesses must expand their ESG focuses beyond environmental sustainability and community relations to meet external expectations for robust privacy programs and transparency. A comprehensive privacy program focusing on data transparency is vital for minimizing business risk, but this trend shows how important it is for building business trust as well.
Privacy Drives Business Growth
At DataGrail, we’re always thinking about privacy’s impact as a differentiator and how it drives business growth and provides ROI. That’s why it was delightful to hear WhatsApp Product Manager, Calvin Pappas, frame Spotify’s “Wrapped” product as a privacy feature.
Pappas, a speaker at GPS, said, “We’re starting to see companies offer their own analytics to their users to show them their own usage. Let users understand the value of their own data.”
He went on to use Wrapped as an example. The product shows Spotify users personalized stats about their listening habits, including most listened-to songs and favorite artists. The personalized output is packaged and available for users to share on social media and it’s driving adoption. In December 2020, Spotify drove a 21% increase in downloads with their Wrapped initiative.
To some, it might seem like just a savvy business move. The way I see it, Wrapped is essentially a brilliant visual representation of a data subject access request (DSAR).
C-Suite Concern for Privacy on the Rise
This highlight shouldn’t come as a surprise after reading the trends above. If a strong, comprehensive privacy program can support an organization’s ethics efforts, drive growth, and increase sales, all while reducing business risk, C-level leaders will want to know about it.
This means the topic of privacy will increasingly get a seat at the table. Privacy teams will need to prepare to efficiently inform executives and their boards of directors of privacy-related risks and rewards.
During the “Privacy in the Boardroom” session, the speakers outlined guidelines for privacy leaders to leverage their programs effectively.
- Implementing a privacy framework and measuring against it annually at a minimum
- Identify, escalate, and mitigate high-risk use cases as they emerge, and use them as case studies
- Present the data as a comparison against competitors
- Legitimize privacy risk with the same language used when covering financial or legal risk
- Bring the data and show the C-suite where things are good and where you need help
Legitimizing privacy with the C-suite is a huge win for privacy professionals, and it’s been a long time coming. Difficulties often arise in showing privacy’s returns, which is something DataGrail — and our customer base — thinks about often. We recently launched a new product to help privacy pros display program ROI all in one place: The Privacy Dashboard.
From the dashboard, customers can surface insights like privacy risks and resources saved to help level up their executive team and board members’ privacy program knowledge and awareness.
Privacy is Increasingly Proactive
It’s overwhelmingly clear how important privacy is to businesses for 2023 and beyond. We’re not far removed from a past where data privacy was only seen as useful when reacting to a breach or regulatory action. The modern era is increasingly trending toward proactive privacy practices in response to a rise in consumer awareness.
Airbnb’s Product Manager for Privacy, Ansuman Acharya, CIPT, discussed the importance of finding out how “privacy active” your customers are, which can in turn show the need for privacy proactivity. “Do surveys to understand your customers and determine how many of them are privacy actives,” he said. “We discovered 51% of our users are privacy actives.“
For context, Privacy Actives are people who say they care about their privacy, are willing to act to protect it, and have already acted by switching companies or providers to better protect their privacy. Acharya’s 51% statistic is extremely interesting, especially when considering another number we heard from Microsoft at GPS.
According to a Microsoft Privacy Research report, 74% of consumers prefer to use companies that exceed the standards of privacy regulations. Companies that exceed expectations when it comes to privacy are acting proactively, and customers show their appreciation with their dollars and loyalty.
Generative AI & Privacy
It feels like the world hasn’t stopped talking about Artificial Intelligence this year, and GPS 2023 covered the topic extensively. The technology seems like it has the opportunity to change every single industry in a way we haven’t witnessed since large-scale cloud computing innovations. Similar to cloud computing — which accelerated innovation but introduced massive data sprawl risk — AI has the potential to both positively charge global business and negatively impact the data privacy world.
It’s clear from the number of IAPP panels on the subject that AI is going to be a huge boon, but folks have questions.
Many of the privacy questions hinge on the implications of large language models with access to critically personal information that lack user age confirmation, DSR submission capabilities, and privacy breach protocols.
This is sure to be top of mind for privacy pros for years to come, and we’re excited to continue having these conversations to make sure AI and privacy can positively coexist.
The takeaways above were compiled from all of DataGrail’s attendees, and they’re top of mind for our team as we continue to support customers through this year, and the years ahead.
One of the best ways to start thinking about privacy as a differentiator is to implement a comprehensive privacy program with DataGrail. We make it easier to get proactive, build customer trust, and outsmart business risk thanks to powerful automation and seamless integration across all of our systems.
If you read this recap and realize it’s time to find a new privacy partner, I guarantee you’re not alone. Get in touch with our team here to request a 1:1 demo, or start exploring our product pages to learn more about how we can help your organization make privacy a business advantage.
We thoroughly enjoyed our time at GPS, and already can’t wait for next year. Until then, we’re looking forward to hearing from you.