Gartner Predicts Privacy Lawsuit Claims Related to Biometric Information and Cyber-Physical Systems Will Exceed $8 Billion By 2025
At the Gartner Security & Risk Management Summit Middle East on February 14-15, analysts will discuss upcoming privacy challenges as well as the global state of the privacy landscape.
According to Gartner, Inc., privacy litigation and claims involving biometric information processing and cyber-physical systems will have resulted in over $8 billion in fines and settlements by 2025.
“Autonomous vehicles, drones that capture video, smart buildings, and smart cities are cyber-physical systems that capture biometrics of all kinds. The collection and storage of biometric information is gaining, whether in the form of fingerprints, iris scans, remote recognition of face, gait, voice, or even DNA samples. But this information has huge potential to be misused or abused,”said Bart Willemsen, research vice president at Gartner.
Willemsen said that new privacy laws cover the capture, conversion, storage, and processing of biometric data and that they can even apply to face tagging technology in social media, during his session at the Gartner Security & Risk Management Summit, which is taking place virtually in the Middle East through today. They may also include a retention policy that prohibits biometric data from being sold, leased, traded, or profited from. Some states outright prohibit the use of biometric data in specific situations.
“In such cases, it is important that security and risk management leaders and privacy leaders consider alternative, less invasive means to achieve the intended purposes, explaining all necessary information to the customer without any caveat,”said Willemsen.
Through privacy portals and intake forms, some multinational, consumer-facing firms are actively shifting toward a self-service model. Their goal is to boost customer trust and preserve positive brand perception, not just to avoid regulatory fines. Budgets for privacy will grow, allowing privacy to go from compliance to competitive advantage.
According to Gartner, the average yearly budget for privacy in major enterprises will approach $2.5 million by 2024, facilitating a transition from compliance ethics to competitive differentiation.
Budgets for privacy have risen steadily from $1.7 million in 2019 to $2 million in 2021, with the trend projected to continue. Cyber dangers have increased as a result of the unexpected surge in online activity, remote working, and virtual learning. Many firms will only perceive the need to start their privacy programme efforts now, with the development of privacy regulation activities across dozens of jurisdictions in the coming two years.
Gartner advises that enterprises establish complete control over overall personal data processing activities before handing such responsibility out to individuals. Privacy rights and consent management services are one way to accomplish this.
“The customer will experience the difference between having to wait weeks for an incomplete answer, or within seconds have full access to the answer to the question ‘what data does an organization process on me?’ That difference is where trust is gained or lost,”said Willemsen.
Organizations are moving away from compliance-driven activity and toward customer-centric activities, depending on the maturity of their privacy programmes. Allowing customer experience specialists to address consumer complaints about a lack of transparency and automating the privacy UX, for example, or giving all global clients access to privacy rights, whether they need it or not, treating customers globally similarly.