ePrivacy & Data Protection

The Complex Web of Data Privacy and Its Influence on AI Ethics, Competition & Tech Evolution

At a conference I attended a few years ago one of the presenters posed the question “Do you own your digital identity?” Most people in the room thought if they didn’t already, they definitely should, but at the very least they should have control over how their digital identity is used. Once the conference ended most of us probably logged onto a phone or laptop to read the news, shop online, or watch a dancing kitty somewhere on social media. A thought about how much personal data we were freely supplying the Internet while we browsed probably didn’t happen.

As we’ve moved faster and faster into the digital age, the amount of data generated and collected has skyrocketed. What’s different today is a greater recognition by corporates, governments, and individuals about the value of that data. With this recognition comes increased calls for global regulation plus increased scrutiny over Big Tech and the amount of data they now control. And in the coming regional race for dominance in artificial intelligence (AI), the ethical use of those large pools of data is essential to avoid discrimination, bias, and widening societal divides.

In our first two Citi GPS reports on ePrivacy we went into the details of the EU’s General Data Protection Regulation (GDPR) and talked about what companies needed to do to avoid substantial fines for non-compliance. The GDPR was intended to increase transparency, tilt the balance of power back towards consumers, and place privacy by design and default at the heart of how businesses operate.

Two years later, it has elevated the prominence of data privacy to the boardroom level but the full fining power of the regulation has yet to be tested as regulators lack sufficient funding and resource and there is evidence it may have unintentionally reinforced the strength of the Big Tech platforms. AdTech is being closely scrutinized by the regulators, prompting Big Tech to drive changes which could upend how this industry operates today with far reaching consequences for brands.

New GDPR-style regulation is cropping up in multiple markets. Privacy technology solutions are emerging to help manage regulatory requirements. Consensus is building for global cooperation around data protection and privacy and an attempt to develop global AI Ethics could trigger more innovation. True harmonization of global policy looks to be a long way off due to cultural, political, and societal differences meaning corporates will need to continue navigating the complex web of data-related regulation.

The race between countries and regions to become an AI superpower exacerbates the regional divides further, especially when data sits in the hands of a few. Europe is losing the tech battle to the U.S. and China and instead will look to regulate its way to a level playing field. Increasing recognition of the value of data has also led to a jurisdictional crossover between data protection regulation and competition authorities. As Big Tech controls more of the data, the lens through which antitrust concerns are judged has been shifting and platform-specific regulation could arise.

In the future when someone asks if you own your digital identity, innovation should drive the answer to ‘absolutely yes’. Only then will your secret be safe about watching dancing kitties.