Connect with us


What can we expect from data protection in the year ahead?

Camilla Winlo, Head of Data Privacy at Gemserv

The past year has been a turbulent one for cybersecurity, with a number of high profile breaches hitting the headlines. The pandemic has of course played a central role in conversations around data privacy, while entire industries have been accused of data handling malpractice. So, what are the stories we can expect to see shaping the agenda in 2022?

Here are four developments we expect to see in the year ahead:

  • Polarisation around Covid vaccination data will increase

While there are early indications that the combination of vaccination, immunity from previous infection and the evolution of the virus may cause less significant symptoms in most, it still appears that Covid is capable of making unvaccinated and immunocompromised individuals very ill. In winter, this puts huge pressure on the NHS and the public purse, and we expect this to translate over time into increased pressure to encourage the unvaccinated to get vaccinated, and for society to impose different rules on the unvaccinated. We started to see this in 2021 and expect it to continue into 2022.

With different quarantine rules for vaccinated and unvaccinated employees and the possibility of compulsory vaccination on the horizon, more and more organisations are going to find themselves processing Covid vaccination data. Quarantine measures are set to continue to help stop the spread of the virus, which in turn, will mean that organisations will still need to incorporate a hybrid approach to work. Some employees will test positive for Covid and therefore will not be allowed to leave their homes, but they won’t have symptoms that would otherwise stop them from working. Others may have come into close contact with a positive case and will also need to isolate. All of this will have an impact on employers.

Going into 2022, we expect tensions between pro and anti-vaxxers to rise. This is unlikely to be mitigated much by the amount of real-world vaccine safety data that is available, which is what a lot of vax-hesitant people say they are waiting for, due to the polarisation of information availability and the fact that in some cases, vax hesitancy will be rooted in genuine and founded concerns, for example where individuals have health conditions that make taking the vaccine a more personally risky choice. That makes Covid status an employee safeguarding issue due to the risk of discrimination between employees. There will also be companies that want – or are compelled – to terminate unvaxxed employees, as well as some that will do the reverse.  We can expect to see these decisions appealed as the ‘grey area’ around what counts as a medical exemption is clarified.

  • Tighter regulations around ad tech

The European Data Protection Board (EDPB) published its 2021-2023 strategy in December, and part of that strategy includes more proactive monitoring of ad tech. Ad tech is under huge pressure to tighten up its data protection practices after the Irish Council for Civil Liberties sued a branch of the Interactive Advertising Bureau (IAB) and others over what it described as “the world’s largest data breach” in 2021.

IAB found itself under fire for its role facilitating a process known as real-time bidding, where personal data is passed between hundreds of ad brokers and related firms during an auction process in the moments before a website loads, on behalf of paying brands. During the milliseconds between clicking on a page and it loading, everything from the type of device an individual is using to limited location data and browsing history can be shared with brokers to better target that person.

The breach spurred numerous complaints from the likes of none of your business (noyb), the European centre for digital rights, and various court cases after finding that the ad tech industry is fundamentally unlawful because of the way it is structured. Better regulation around ad tech needs to be put into place not just for the advertisers themselves, but for online retailers, too. It’s going to be incredibly important for the economy as a whole that the ad tech industry gets this right, but there is a lot of work to do to get there.

  • Regulatory action around Artificial Intelligence (AI) will ramp up

While the European Data Protection Board (EDPB) strategy highlights the need for more proactive monitoring of AI use, the UK National Data Strategy focuses on making sure AI works and that the UK is a leader. Data privacy must be a priority or the result will be poor quality solutions that don’t work as intended. AI-specific regulations are set to be enforced and I think we’ll see some interesting actions.

After facial recognition company Clearview AI was issued a Notice of Intent to fine following a number of breaches of national data protection law, conversations around the practices of ethical data collection and analysis have come to the forefront of public attention. It’s essential that organisations that want to harness the possibilities of AI and data-driven innovation in the UK do so in a way that protects individuals.

Organisations should be entitled to trust that providers like Clearview AI are engaging in ethical practices and that their services can be used lawfully. It’s very reassuring to see the regulator taking strong action to make AI innovators trustworthy. Whether it’s fighting crime, preventing fraud or other forms of safeguarding through data, when the public and private sector combine, they must ensure the right processes are put in place in order to comply with data protection regulation.

  • Privacy Shield 2: A new basis for sharing data between the EU and the US

The Privacy Shield framework was the second attempt by the EU and the US to create a secure mechanism for data sharing. It was thrown out in court after judges deemed the framework insufficient to provide adequate safeguards for the transfer of personal data from the EU to the US, and they’ve been working ever since to replace it.

The exchange is a one-way deal – there are cultural differences between the EU and the US that mean that personal data in the EU is protected in different ways to personal data in the US. The purpose of Privacy Shield is to provide a way to allow EU data to be processed by US companies without losing those protections. I expect we will see some major announcements coming next year, which will include technological changes by Big Tech household names, and that in turn will lead to work for UK and EU businesses.

Regulations are indispensable to the proper functioning of economies and societies, and to protect those structures, we need to implement the right data protection measures. Having the right data protection regulations in place is critical to ensuring the proper functioning of organisations, and for ensuring that both customer and employee data is handled correctly. As businesses and governments continue to generate more data than ever, we need to take regulatory action to create secure, ethical data storage and sharing practices.

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *


AI and GenAI tools can add business value – but the right skills are vital to make this possible

Source: Finance Derivative

Faye Ellis, Principal Training Architect – AWS at Pluralsight

Generative AI has captured the imagination of many over the past year. However, aside from using ChatGPT to write our wedding speeches and do our kid’s homework, there are many ways to maximise the technology to add real business value and a competitive edge.

Getting the right skills in place for employees is also key for businesses. Whether employees are total beginners to AI or looking to move into advance uses, investment in the technology will only bring true business benefits if people are empowered to work with it effectively, try new applications, and do so securely.

Here are four examples of where AI, when used well, can bring real business value:

Build your own chatbots

Conversational chatbots and virtual assistants can increase customer engagement in an interactive and personalised way. They can be tailored to reflect brand voice, and be delivered in a consistent way across a site so customers always have access to timely support.

Amazon Lex, for example, makes it easy to build high-quality conversational interfaces powered by generative AI. 

Automate your repetitive business processes

Generative AI is ideal for automating repetitive tasks that don’t require high levels of creativity, such as reviewing and summarising contracts, generating project collateral, and code documentation. FAQ engines that handle common customer support and HR inquiries are expected to become commonplace. Marketing teams that need to develop campaigns in a similar style to previously successful campaigns, or automate customer outreach, will also find that they can easily automate these repetitive tasks with generative AI. 

Content marketers can use services like Bedrock to build a social media campaign for a new product or service. Marketers provide relevant data and prompts, and Bedrock generates copy and images for targeted social media posts. 

Incorporate generative AI into your cybersecurity

Generative AI can be used in risk modelling and assessing and interpreting the risk of cybersecurity incidents and findings.

Use generative adversarial networks (GANs) to create synthetic data, enabling security experts to anticipate what might happen during a cyber attack

Generate image, video, and text

Most of us are familiar with image, video, and text generation—the primary capabilities of generative AI. Use cases include creating original content, images, and summarising text.

Leading pre-trained AI models are available through SageMaker and Bedrock to help you get started quickly. Use Bedrock Chat Playground to experiment with various models using a chat interface.  

Getting your teams up to speed with AI

To start using these technologies, you need your staff to be skilled in using them.

Organisations might be accelerating AI adoption, but employees need the right skills – otherwise organisations risk facing an AI literacy gap. In fact, our recent research found that 80% of executives currently neglect employee training, and 20% don’t have an understanding of their teams’ AI skills.

By focusing on training the existing talent pool, it’s possible to propel them through the next wave of AI innovation, and fill talent gaps from within.

Continue Reading


How can businesses make the cloud optional in their operations?

Max Alexander, Co-founder at Ditto

Modern business apps are built to be cloud-dependent. This is great for accessing limitless compute and data storage capabilities but when connection to the cloud is poor or shuts down, business apps stop working, impacting revenue and service. If real-time data is needed for quick decision-making in fields like healthcare, a stalled app can potentially put people in life-threatening situations.

Organisations in sectors as diverse as airlines, fast food retail, and ecommerce that have deskless staff who need digital tools accessible on smartphones, tablets and other devices to do their jobs. But because of widespread connectivity issues and outages, these organisations are beginning to consider how to ensure these tools can operate reliably when the cloud is not accessible. 

The short answer is that building applications with a local-first architecture can help to ensure that they remain functional when disconnected from the internet. But then, why are not all apps built this way? The simple answer is that building and deploying cloud-only applications is much easier as ready-made tools for developers help expedite a lot of the backend building process. The more complex answer is that a local-first architecture solves the issue of offline data accessibility but does not solve the critical issue of offline data synchronisation. Apps disconnected from the internet still have no way to share data across devices. That is where peer-to-peer data sync and mesh networking come into play.

Combining offline-first architecture with peer-to-peer data sync

In the real world, what does an application like this look like?

  • Apps must prioritise local data sync. Rather than sending data to a remote server, applications must be able to write data using its local database in the first instance, and then listen for changes from other devices, and recombine them as needed. Apps should utilise local transports such as Bluetooth Low Energy (BLE) and Peer-to-Peer WiFi (P2P Wi-Fi) to communicate data changes in the event that the internet, local server, or the cloud is not available.
  • Devices are capable of creating real-time mesh networks. Nearby devices should be able to discover, communicate, and maintain constant connections with devices in areas of limited or no connectivity.
  • Seamlessly transition from online to offline (and vice versa). Combining local sync with mesh networking means that devices in the same mesh are constantly updating a local version of the database and opportunistically syncing those changes with the cloud when it is available.
  • Partitioned between large peer and small peer mesh networks to not overwhelm smaller networks if they try to sync every piece of data. In order to do this, smaller networks will only sync the data that it requests, so developers have complete control over bandwidth usage and storage. This is vital when connectivity is erratic or critical data needs prioritising. Whereas, the larger networks sync as much data as they can, which is when there is full access to cloud-based systems.
  • Ad-hoc to enable devices to join and leave the mesh when they need to. This also means that there can be no central server other devices are relying on.
  • Compatible with all data at any time. All devices should account for incoming data with different schemas. In this way, if a device is offline and running an outdated app version, for example, it still must be able to read new data and sync.

Peer-to-peer sync and mesh networking in practice

Let us take a look at a point-of-sale application in the fast-paced environment of a quick-service restaurant. When an order is taken at a kiosk or counter, that data must travel hundreds of miles to a data centre to arrive at a device four metres away in the kitchen. This is an inefficient process and can slow down or even halt operations, especially if there is an internet outage or any issues with the cloud.

A major fast-food restaurant in the US has already modernised its point of sale system using this new architecture and created one that can move order data between store devices independently of an internet connection. As such, this system is much more resilient in the face of outages, ensuring employees can always deliver best-in-class service, regardless of internet connectivity.

The vast power of cloud-optional computing is showcased in healthcare situations in rural areas in developing countries. By using both peer-to-peer data sync and mesh networking, essential healthcare applications can share critical health information without the Internet or a connection to the cloud. This means that healthcare workers in disconnected environments can now quickly process information and share it with relevant colleagues, empowering faster reaction times that can save lives.

Although the shift from cloud-only to cloud-optional is subtle and will not be obvious to end users, it really is a fundamental paradigm shift. This move provides a number of business opportunities for increasing revenue and efficiencies and helps ensure sustained service for customers.

Continue Reading


How 5G is enhancing communication in critical sectors

Luke Wilkinson, MD, Mobile Tornado

In critical sectors where high-stakes situations are common, effective communication is non-negotiable. Whether it’s first responders dealing with a crisis or a construction team coordinating a complex project, the ability to share information quickly and reliably can mean the difference between success and failure.

Long-distance communication became feasible in the 1950s when wireless network connectivity was first utilised in mobile radio-telephone systems, often using push-to-talk (PTT) technology. As private companies invested in cellular infrastructure, the networks developed and data speeds improved increasingly. Each major leap forward in mobile network capabilities was classed as a different generation and thus 1G, 2G, 3G, 4G, and now 5G were born.

5G is the fifth generation of wireless technology and has been gradually rolled out since 2019 when the first commercial 5G network was launched. Since then, the deployment of 5G infrastructure has been steadily increasing, with more and more countries and regions around the world adopting this cutting-edge technology.

Its rollout has been particularly significant for critical sectors that rely heavily on push-to-talk over cellular (PTToC) solutions. With 5G, PTToC communications can be carried out with higher bandwidth and speed, resulting in clearer and more seamless conversations, helping to mitigate risks in difficult scenarios within critical sectors.

How is 5G benefiting businesses?

According to Statista, by 2030, half of all connections worldwide are predicted to use 5G technology, increasing from one-tenth in 2022. This showcases the rapid pace at which 5G is becoming the standard in global communication infrastructure.

But what does this mean for businesses? Two of the key improvements under 5G are improved bandwidth and download speeds, facilitating faster and more reliable communication within teams. PTToC solutions can harness the capabilities of 5G and bring the benefits to critical sectors that need it most, whether that’s in public safety, security, or logistics: the use cases are infinite. For example, this could be leveraging 5G’s increased bandwidth to enable larger group calls and screen sharing for effective communication.

Communication between workers in critical industries can be difficult, as often the workforces are made up of lone workers or small groups of individuals in remote locations. PTToC is indispensable in these scenarios for producing quick and secure communication, as well as additional features including real-time location information and the ability to send SOS alerts. PTToC with 5G works effectively in critical sectors, as 5G is designed to be compatible with various network conditions, including 2G and 3G. This ensures that communication remains reliable and efficient even in countries or areas where 5G infrastructure is not fully deployed to keep remote, lone workers safe and secure.

The impact of 5G on critical communications

The International Telecommunication Union has reported that 95 percent of the world’s population can access a mobile broadband network. This opens up a world of new possibilities for PTToC, particularly when harnessing new capabilities for 5G as it’s being rolled out.

One of the most significant improvements brought by 5G is within video communications, which most PTToC solutions now offer. Faster speeds, higher bandwidth, and lower latency enhance the stability and quality of video calls, which are crucial in critical sectors. After all, in industries like public safety, construction, and logistics, the importance of visual information for effective decision-making and situational awareness cannot be overstated. 5G enables the real-time transmission of high-quality video, allowing for effective coordination and response strategies, ultimately improving operational outcomes and safety measures.

Challenges in Adopting 5G in Critical Sectors

While the benefits of 5G are undeniable, the industry faces some challenges in its widespread adoption. Network coverage and interoperability are two key concerns that need to be addressed to ensure communication can keep improving in critical sectors.

According to the International Telecommunication Union, older-generation networks are being phased out in many countries to allow for collaborative 5G standards development across industries. Yet, particularly in lower-income countries in Sub-Saharan Africa, Latin America, and Asia-Pacific, there is a need for infrastructure upgrades and investment to support 5G connectivity. The potential barriers to adoption, including device accessibility, the expense of deploying the new networks, and regulatory issues, must be carefully navigated to help countries make the most out of 5G capabilities within critical sectors and beyond.

However, the rollout of 5G does cause data security concerns for mission-critical communications and operations, as mobile networks present an expanded attack surface. Nonetheless, IT professionals, including PTToC developers, have the means to safeguard remote and lone workers and shield corporate and employee data. Encryption, authentication, remote access, and offline functionality are vital attributes that tackle emerging data threats both on devices and during transmission. Deploying this multi-tiered strategy alongside regular updates substantially diminishes the vulnerabilities associated with exploiting 5G mobile networks and devices within critical sectors.

While the challenges faced by the industry must be addressed, the potential benefits of 5G in enhancing communication and collaboration are undeniable. As the rollout of 5G continues to gain momentum, the benefits of this cutting-edge technology in enhancing communication in critical sectors are becoming increasingly evident. The faster, more reliable, and efficient communication enabled by 5G is crucial for industries that rely on real-time information exchange and decision-making.

Looking ahead, the potential for further advancements and increased adoption of 5G in critical sectors is truly exciting. As the industry continues to address the challenges faced, such as network coverage, interoperability, and data security concerns, we can expect to see even greater integration of this technology across a wide range of mission-critical applications for critical sectors.

Continue Reading

Copyright © 2021 Futures Parity.