Skip to main content

The Privacy Regulation Inflection Point

Congratulations! We’re all in a growth area—the ever expanding footprint of privacy compliance regulations around the world. We’re now about eight months into General Data Protection Regulation (GDPR) being live, and the world is still turning. Up ahead, we see the California Consumer Privacy Act due to go live in early 2020, along with Brazil’s General Data Protection Law. What’s driving this, where is it heading and what can we do about it?

Let me turn this around: This trend is a chance for all organizations to embrace privacy compliance and use it as a transformation opportunity to better serve clients, partners and employees, focused around their personal data. What company today isn’t data-driven? Organizations of any size can benefit from finding, using and leveraging the right data, at the right time, in the right way, to get to actionable insights and outcomes, providing ever more personal tailored goods and services to clients. Who of us doesn’t want a more personalized unique service?

Two years ago, IBM conducted a risk impact assessment around GDPR and determined we’d best serve everyone by embracing it as a global transformation opportunity—not just focusing on engagements and services in Europe. Along our journey (shared at, we were able to better rationalize, refine and focus around customer-centric transactions and deliverables, striving to meet the transparency and accountability requirements that privacy regulations like GDPR expect.

For all privacy regulations, technology and solutions such as those from IBM can help organizations accelerate compliance by providing key frameworks for personal data discovery, classification, mapping, management and responses. For instance, IBM has worked to embed “Privacy by Design” as a client- and privacy-centric change strategy, baked in across the business including development, testing and offering management globally.

We’ve also seen the value in investing to add machine learning into our privacy solutions, enabling you to do more, faster, and with fewer resources—the reality of most compliance programs today. Machine learning for personal data discovery can expedite your ability to find and map what personal data you have where, across the business, while also accelerating your readiness for records of processing regulatory response demands, etc. You can evaluate and try some of these yourself by visiting .

We’re at a privacy inflection point. Today’s business models are increasingly centered around targetting and monetizing personalized data. Regulations are refreshing and enabling privacy rights for more and more consumers. We can and should use these standards to hold businesses accountable for what information they have on us and how it's acquired; to demand this is done more securely while in their custody; and for us to transparently see and be able to change or revoke the purposes for which our data is used.

Rights such as data portability enable us further to obtain a reusable digital copy of our data that we can then use to automate moving our business to a competitor. Think about how easy it is to preserve your current mobile phone number (personal data) and still change providers when you choose to do so. Transform around privacy regulations and give your customers transparent accountability into their worth to you.