Buyer Beware: Many things that go up, eventually come down…
There are several technologies in the market that claim to help you fulfill your compliance obligations with regards to local or global privacy regulations. Some technology-based tools have been designed from a pure technology and data governance perspective, while a few, very few, have been architected from the point of view of a regulator, or a data privacy officer.
The hype cycles of innovation within this technology market are largely based on the convenience with which the tools are able to make transactional decisions, based on the types of data being collected or processed; however, this tends to put the tool right up against a compliance framework, instead of adhering to the spirit of the privacy laws in the first place, which invariably demands more context.
Without being well versed in the privacy landscape, one is tempted to see this arena much in the same way that we look at cybersecurity. Unlike cybersecurity, data privacy contains a multi-faceted complexity related to the contextual aspect of data sensitivity and categorization, and it also contains a strong component of legal interpretation, much of which has been the focus of recent discussions across the globe.
Some technology-based tools have been designed from a pure technology and data governance perspective, while a few, very few, have been architected from the point of view of a regulator, or a data privacy officer.
This is where an analysis of the tools and an understanding of which ones are going to stand up against regulatory scrutiny is important. The litigation volume in privacy is still very small, but as precedent begins to shape the interpretation of the laws, smart buyers will seek to obtain tools that will understand the context of the data, more that the mere values within it.