New Delhi, Feb 15 : Privacy lawsuits and claims related to biometric information processing and data being captured by automobiles, drones and smart cities will result in over $8 billion in fines and settlements globally by 2025, a Gartner report said on Tuesday.
Autonomous vehicles, drones that capture video, smart buildings and smart cities are cyber-physical systems that capture biometrics of all kinds.
”The collection and storage of biometric information is gaining, whether in the form of fingerprints, iris scans, remote recognition of face, gait, voice, or even DNA samples.But this information has huge potential to be misused or abused,” said Bart Willemsen, research vice-president at Gartner, during a session at the ‘Security & Risk Management Summit’.
New privacy laws cover the capture, conversion, storage and processing of biometric data, and can even apply to face tagging technology in social media.
They may also come with a retention regime, and may prohibit selling, leasing, trading or profiting from biometric data.Some prohibit the usage of biometric information in certain use cases altogether.
“In such cases, it is important that security and risk management leaders and privacy leaders consider alternative, less invasive means to achieve the intended purposes, explaining all necessary information to the customer without any caveat,” Willemsen noted.
Gartner predicts that by 2024, large organisations’ average annual budget for privacy will exceed $2.5 million, allowing a shift from compliance ethics to competitive differentiation.
Privacy budgets increased from $1.7 million in 2019 to $2 million in 2021 and are expected to continue to increase at a steady rate.”The sudden uptick in online activity, remote working, and virtual learning increased cyberthreats.With the expansion of privacy regulation efforts across dozens of jurisdictions in the coming two years, many organisations will only see the need to start their privacy program efforts now,” said the report.The organisations need to first gain full control in detail over all personal data processing activities before they can hand over that control to the individual.”The customer will experience the difference between having to wait weeks for an incomplete answer, or within seconds having full access to the answer to the question ‘what data does an organisation process on me?’ That difference is where trust is gained, or lost,” added Willemsen.na/arm
The budget for privacy has were increased by $1.7 million in 2019 to $2 million in 2021 and are expected to to grow at a steady pace.”The rapid increase in online activities, remote working and virtual learning have increased cyber-security threats.With the growth of privacy regulations across a variety of countries in the next two years, many organizations will only be able to see the need to begin their privacy initiatives now,” said the report.The organizations must first gain complete control in the finer details of the processing of personal data before they are able to transfer the control to individuals.”The person who is the customer will feel the distinction between waiting weeks for an answer that isn’t accurate or having the complete answers to the question , “What information does the company collect on me? This is the point at which trust is earned or lost” explained Willemsen.
