Prior to the rapid spread of COVID-19 from China at the beginning of this year there were many expectations in relation to the possible changes in data privacy legislation for 2020.
The pandemic has, certainly, placed a strain on budgets and some of the plans that were being formulated by those responsible for cybersecurity developments. There will likely be more of a focus on improving the security measures for remote workers and ensuring that training sessions are still conducted using video conferencing. Even the United Kingdom Prime Minister Boris Johnson was guilty of almost sparking a data breach when he unwittingly shared a photo containing a Zoom conference ID tag.
Three trends that were expected to emerge this year were identified as the introduction of new legislation, standardization of social logins across all platforms and the ongoing efforts of cybercriminals to obtain your valuable private credentials.
New legislation had already been expected and has been progressing. The California Consumer Privacy Act will be enforceable as of July 1 2020. However, a more recent development in California is that a more stringent set of privacy rules, known as the California Privacy Rights Act (CPRA) has been added to the state’s November ballot. This legislation is seeking to enhance the rights of the CCPA. Elsewhere in the United States the introduction of measures to enhance security during the COVID-19 Pandemic has led to renewed calls for a federal data privacy legislation. Temporary measures were introduced by the Senate to enhance security during the emergency period.
Elsewhere in the world, Brazil and Thailand are due to introduce new privacy laws which will impact any organization that does business in these countries. Other countries are also drafting new data privacy legislation including India and South Korea.
We have already seen how quickly hackers have shifted their attention to the low-hanging fruit of remote workers. Due to the speed with which companies had to make provisions for remote working during February, April and May a number of security measures and training are likely to have been disregarded. While they now seek to address this, cybercriminals have moved quickly to attack platforms including Zoom.
The remainder of 2020 is likely to see new security measures added to all platforms and additional training for employees as organizations try to reduce the possibility of human error leading to a data breach. Sadly, we will also likely see an influx in news related to breaches occurring due to breaches caused as a result of remote working.
In relation to Social Media, which is being used more than ever as people rely on it to stay in touch with friends due to social distancing measures, the gauge of the success of the login standardization will be the implementation of Sign In With Apple (SIWA). If it is successful it may lead to other companies following suit and putting in place a strong security system and more simple access.
The expected evolution of data privacy during 2020 was totally shifted by the COVID-19 pandemic and the focus shifted to new legislation and enhancing the security of remote workers.