Companies still lack adequate data privacy tools

93 percent of IT professionals agree that customer data privacy concerns are a critical issue at the C-level. Yet, only 9 percent percent believe current privacy and consent methods are adequate.

data privacy

When asked about the requirements of new data privacy and consent methods, 96 percent agreed that there is an increasing need for dynamic and flexible privacy tools that are adaptable to future borderless regulatory requirements and consumer expectations.

A new ForgeRock study revealed regional differences in opinions towards data privacy between U.S.-based and EMEA-based IT professionals. While 84 percent of U.S. IT professionals believe that the U.S. will eventually adopt similar personal data protection regulations to Europe, responding European IT professionals were more skeptical with only 66 percent agreeing that the US would implement data privacy regulations similar to those in European.

A rapidly shifting regulatory landscape

The regulatory environment for data privacy is currently in an unprecedented state of flux as the Safe Harbor framework governing personal data transfer and storage between European Union countries and the United States was struck down by the European Judicial Court in late in 2015. A replacement agreement for Safe Harbor, the EU-U.S. Privacy Shield Framework, has been announced, but is yet to be finalized, and it remains unclear whether the proposed new agreement will survive judicial scrutiny. In addition, the emerging General Data Protection Regulation (GDPR) – another EU initiative – promises to place additional strictures on how private and public organizations can manage personal data.

data privacy

When asked about the impact of the emerging data privacy regulations:

  • 96 percent of IT professionals believe emerging European regulations for data protection are creating a need for better tools and standards for ensuring personal data protection, privacy and consent
  • 84 percent of U.S. respondents (and 87 percent of APJ-based respondents) believe the U.S. will eventually adopt similar personal data protection regulations as Europe
  • Only 66 percent of EMEA-based respondents believed that the U.S. will eventually adopt similar personal data protection regulations as Europe.

Customer data privacy expectations

When asked about the data privacy expectations of their customers 95 percent agreed with each of the following statements:

  • Individuals are becoming increasingly more concerned about their personal data privacy and their ability to control, manage and share data about themselves online
  • Organizations want to build trust by giving customers the ability to consent to data sharing and control over whom their personal data is shared with
  • The ability to preserve and prove customer privacy builds loyalty for their brand.

data privacy

The need for a new approach to data privacy

Recognizing that ensuring data privacy and consent has become a critical issue but is also very complex, we asked IT professionals if they had the tools needed to meet regulatory and customer requirements. Not surprisingly, the majority of surveyed IT professionals believe that current methods are inadequate and new privacy and consent methods are needed which are dynamic and flexible.

  • 9% percent said that current methods (i.e., check boxes, cookie acknowledgment) used to ensure data privacy and consent will be able to adapt to the needs of the emerging digital economy
  • 96 percent agreed that data privacy and consent methods need to be dynamic and flexible so they can adapt to emerging regulatory requirements and consumer demands.

“As our survey illustrates, coping with regulation – privacy or otherwise – is no longer just a cost center for organizations. As connected devices and technologies take on a greater role in public and private life, there are massive business benefits to building in new identity and data privacy solutions that can scale over time,” said ForgeRock’s CEO, Mike Ellis. “Organizations clinging to legacy identity management technologies – which are currently inadequate – will be at a major disadvantage.”