Let’s acknowledge some simple truths, reflected in
ISACA’s Privacy in Practice 2023 report. First, the elephant “herd” in the room. Privacy is yet to have an established corporate figurehead. Privacy is significantly underfunded and generally does not have adequate governance.
The
conviction of a former CSO of a global company on federal charges shook the privacy and security communities. Yet, regulators have been mostly friendly to businesses and have not yet flexed their own Supervisory Technology (SupTech) muscles, if we take a mostly Western-based view. If we look to other regulatory realms such as Asia (namely, Singapore and China) we can observe more technical-driven approaches to regulation and a state-of-the-art tech ecosystem. “Tech” applied by regulators, at scale, could rapidly change the outlook into a much more informed and damaging “heavy hand” (especially if aimed at the areas of “market abuse” and “algorithmic cartels” that the industry should really avoid).
