Data Privacy Forecasts for 2020

Originally published at:

2019 was a tumultuous year for data privacy as numerous big-ticket hacks dominate media headlines. On the other hand, last year also saw the enactment of more stringent regulations on protecting data privacy like the California Consumer Privacy Act which came into force this January.

With 2020 now in full swing, it’s clear that the data privacy debate is far from over. CNBC reports that the hotel chain Marriott has been the victim of yet another data breach. This time it exposed the data of 5.2 million guests including names, addresses, and contact details. Earlier in the year, around 200 million modems using the middleware chip produced by Broadcom had shown vulnerabilities that were exploited.

Therefore data privacy remains top of the agenda for stakeholders across the table – be it consumers, businesses, and regulators. While it remains a broad topic, here are some of the things you need to keep an eye on in 2020:

Cloud data breaches will rise

Cloud technology will remain an attractive target for cybercriminals. The Capital One breach last year, which stemmed from a flawed firewall implementation, has shown how vulnerable cloud infrastructures are. Indeed, 250 million Microsoft accounts were compromised this January. While some data was redacted, the data that wasn’t included IP addresses, locations, and internal notes that were marked “confidential”, customer email addresses, as well as Microsoft support agent emails, case numbers, resolutions, and remarks. From these access credentials, cybercriminals can snowball the attacks to widen the scope of breaches.

Health data is a possible flashpoint

After last year’s debacle on Google’s health data aggregation project called Project Nightingale, this year will heighten the debate of who has access to digital healthcare data even more. US President Trump has recently announced new data rules that will give patients more access to their health data and medical records. While it’s a huge win for patient rights, some organizations like the American Medical Association are concerned about the data privacy consequences. Despite the considerable number of apps and companies now collecting American’s health data, AMA professionals warn that it may give corporations unprecedented access to sensitive data once the patient uses their app.

5G will be a security risk

Advancements in technology come with their own pitfalls as threats to cybersecurity abound. As tech becomes even smarter, these threats likewise become more sophisticated and intricate. Hardware vendors like HP are warning customers that it is easier nowadays for people to fall victim to data breaches given our total dependence on the Internet. In this case, most people will soon be relying on the new fifth-generation wireless technology for their online needs. While 5G technology will provide better security than its predecessors, it also comes with new risks such as fake base station attacks which tricks devices into connecting to a hacking device. Another area of vulnerability is that cybercriminals might exploit the 5G to Wi-Fi handover to try and gain access to user data.

Voice privacy is a major concern

More searches are being done each day through voice and voice-activated devices. With the increasing use of smart speakers and the integration of smart assistants into virtually any device, it’s a growing concern. A recent report from a Northeastern University study found that smart speakers activate as many as 19 times a day and record up to 43 seconds each time. Following numerous lawsuits and regulatory nudges, Amazon quietly rolled out a “no human listener” option into its smart speaker options. Together with the CCPA, smart home manufacturers have recently added a ‘delete recording’ option because, as Joshua Montgomery notes in his article, “deleted data is the most secure”.

Data privacy will remain one of the top concerns in 2020. Amid the background of increasingly complex and ubiquitous cybersecurity attacks, no one can take data privacy for granted anymore.