Data protection has changed dramatically with the passage of the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). These two landmark pieces of legislation are intended to bring some degree of consistency to the collection and use of personal information for one of the world’s largest trading blocs and the most populous US state, respectively.
However, the regulatory and market environment is constantly changing, and it is safe to say that 2022 will see further developments in the area of sovereignty and data protection. The UK government is preparing changes to data protection regulations, and in Europe, projects such as Gaia-X aim to set standards for the creation of a sovereign cloud for the region, with the aim of making it easier for businesses operating in the EU to physically store and manage their data, thereby increasing Europe’s digital self-sufficiency.
Gaia-X involves seven different EU member states and china mobile database of businesses. Initiatives like these can open up new market opportunities for businesses and, more generally, encourage them to put consumer data privacy at the forefront of their strategy. Regulation in this area is a force for good, allowing companies to maximize the value of their data without alienating customers. While organizations use data to make their products, services, and operations better, they must do so in accordance with rules that do not conflict with the public interest.
Improving cyber resilience
The increasingly complex regulatory environment means that companies will have to get serious about protecting and managing their data. Many will need to have greater control over where their data workloads reside, whether that means using hybrid cloud architectures to combine the benefits of public clouds and on-premises deployments, or moving to edge computing to place data where end users are—at the edge of the network rather than in corporate data centers.