Now that it’s January and everyone is finally returning to the reality where things don’t always taste like peppermint or eggnog (or both, which is just….no), it’s a good time to think about how you’re going to approach 2019.  This time of year is rife with predictions and, more often, guesses about what privacy, tech, and law will bring in the coming months.  Most of those predictions will be wrong, and so we figure that it’s worthwhile to offer some sensible guidance.  So here you are, our prognostications for the year:

Three Predictions 

1. There will be no comprehensive US Data Security Law in 2019.

This may seem surprising given the seeming momentum behind data security legislation in 2018, but we don’t see it happening.  There wasn’t a serious effort to move bills through committee in 2018, partly because most of the bills proposed were sponsored by legislators with, to be honest, fairly little input from privacy professionals or experts.  Ron Wyden’s bill, which we discuss here, was an example.  Watch for plenty of talk, maybe even one or two proposals, but nothing that gets signed.  If, you know, they ever open up the doors.

2. Regulators will drop the hammer.

Despite the huge “GDPR Effect” propelling new compliance and privacy efforts from companies around the globe, European DPAs imposed no stunningly large fines or company-destroying sanctions.  And, even though the FTC had a strong year in terms of enforcement, nothing dramatically accelerated the slow but steady accretion of power over privacy regulation in the Commission’s remit.

We anticipate that both of those things will change in 2019.

In the US, we believe that the FTC’s recent “listening campaign” about consumer protection and privacy is a predicate to a shift (read: expansion) of their approach to data enforcement.  Given the lack of guidance from Congress, FTC will, we believe, produce a report on its hearings that indicates a need for more robust enforcement and calls for closer scrutiny of data-sharing practices.  While this will not change the legal landscape much, it will be an important step in cementing FTC’s regulatory power and, in all likelihood, form the basis for whatever legislation that actually passes through Capitol Hill.

In Europe, Data Protection Authorities need to demonstrate credibly that their newfound GDPR powers can, and will, be used.  Public anxiety about data misuse continues to grow, as does the attention paid by legislators.  The activities of a few well-known companies (cough *Facebook* cough) drive the perception that there is no privacy, or that governments permit business to do whatever they like with personal data.  If DPAs are to survive, that impression has to change, and we expect that it will with some spectacular fines and penalties this year for repeat offenders (cough *Facebook* cough).   While that does not mean that every company is going to see enforcement agents swooping in (with snazzy jackets, perhaps), it does mean that there will be more scrutiny across the board, and so all the more reason to strengthen your compliance efforts now.

3. Data integration and cross-walking will make major leaps ahead.

When you ask a digital assistant a question, the process is a near-instantaneous search of existing data, internet resources, and compiled answers, including answers already provided to you in the past.  The dynamic learning ability of a system like Alexa — or, indeed, any AI/ML system — is cumulative, which means that as the years go by, these systems learn more, understand more, and process more efficiently.  We’ve discussed in the past how that can be a troubling thing, particularly when it comes to automated decisionmaking, but the simple point for today is that Alexa, Siri, Cortana and their kin all know vastly more today than they did on January 1, 2018.

As those stores of information and recorded data grow, so will the ability to integrate data across platforms and make it more usable.  Again, we’re not talking (today) about if this should all take place, just that it is taking place.  And, if managed properly, the sharing of this data can unlock opportunities and convenience.  It isn’t just about overlaying datasets on weather, traffic, recent Yelp ratings, and discount offers to identify which sushi restaurant you should pick for dinner.  It’s about creating opportunities through the merging of new, perhaps unexpected datasets – a process that can create extraordinary growth for companies and new opportunities for individuals.

Our bet is that one of the GAFAM companies will announce an AWS-style method for allowing customers to make use of AI/ML on a SaaS basis, enabling more robust data analysis and, potentially, more profits.  And though it makes sense to approach any new method with caution, we believe that finding ways to understand your data better is always a good strategy.

Three Books to Read

1. Data Leverage.  You’ll laugh, you’ll cry, you’ll leverage.

2. The Known Citizen, Sarah Igo.  A great examination of how Americans came to think about privacy in the 20th century.

3. Like War: The Weaponization of Social Media, P.W. Singer and Emerson Brooking.  Fascinating and terrifying insights into how Twitter flame wars become actual shooting wars.