BT Group Data Protection Officer Janine McKelvey expects privacy professionals will become very well acquainted with advancements in 5G telecommunications technology. 5G builds upon previous 4G networks and is part of the evolution in telecommunications technology. No doubt the technology will allow for dramatic new technological innovation, but at the same time, it poses some privacy issues. 

The new networks allow for data to be transmitted from a wider number of internet-of-things devices to mobile carriers. The data they will receive will be much more specific and generated faster than ever before with lower latency.

5G also offers higher bandwidth than previous networks. McKelvey likens it to a freeway with more lanes than its predecessors, allowing for traffic to move faster and more cars to be on the road.  

Privacy professionals may feel 5G represents a whole new frontier full of challenges. The GSMA, a mobile communications industry group, is in the midst of finalizing a white paper on the potential privacy risks surrounding 5G. With highly accurate data coming in at faster speeds, privacy professionals will have to focus on ensuring organizations are transparent with how data is used and how to handle gathering consent for data processing activities happening in real time.

The entirety of 5G may seem overwhelming; however, McKelvey believes 5G can also be a great opportunity for privacy professionals, as long as they take the proper precautions.

As part of their research efforts on 5G, McKelvey and Maersk Data Privacy Compliance Officer Petruta Pirvan, CIPP/E, have crafted a survey to gauge privacy pros' attitudes toward the technology.

"I think we should be thinking about 5G as a privacy enabler," McKelvey said. "There clearly are risks, and we will have to address them like with 4G and the cloud, but actually if you spin it on its head, 5G becomes an opportunity for companies to provide a lot more for both businesses and consumers, to drive the economy and to help privacy-enhancing technologies to evolve."

Pirvan put into perspective just how much data 5G networks can generate. According to Pirvan, the average person will produce one gigabyte of personal data per day via 5G. Those numbers go up to three terabytes for a connected hospital and five terabytes for a connected aircraft.

To obtain consent and showcase a level of transparency, McKelvey said privacy tech companies should "enhance or harness" 5G technology to create new solutions. These tools can capture consent in real time and deliver privacy notices in a way that is both fast and does not hinder the user experience.

McKelvey provided an example of how this might work. An app could be created that allows users to store their privacy preferences for specific IoT devices. As the user interacts with anything connected to the IoT, the devices would recognize the app and honor the user's settings as they go about their day.

Data governance is another area that may see enhancements via 5G, but it may need to be upscaled out of necessity. McKelvey said organizations that worked to comply with the EU General Data Protection Regulation and California Consumer Privacy Act mostly modify their data repositories and map their data transfers and flows manually. McKelvey doesn't think this can continue to be feasible.

"When you talk about the volume of data that 5G can produce and the real-time speed of it, you cannot be updating everything manually. It just won’t work. That means you either fall out of compliance pretty quickly or we need technology companies addressing compliance to come up with more artificial intelligence and machine learning and interactive ways of upkeeping data repositories and keeping them up to date," McKelvey said.

Privacy professionals may also be able to leverage 5G into job opportunities. Privan said the technology covers so much territory, privacy teams will need staff with specific skill sets.

"I believe that we will not only need more privacy professionals, but also specialized people that could have an in-depth knowledge of specific topics," Pirvan said. "5G will provide discussions around edge computing, storage of data and around privacy elements that would require in-depth knowledge. Plus, on top of this there are so many privacy laws that are coming forward today from all over the world."

McKelvey added the next generation of privacy professionals will see 5G as the norm and that everyone in the industry will have to adjust to an increasingly digital world.

"One way or another they are all going to have to understand 5G, but you may have some then who will need to specialize in it because they have to understand it into the weeds to be able to conduct privacy impact assessments properly or to be able to write the correct provisions into contracts and deals," McKelvey said.

Privacy professionals may stand to gain from 5G, but they still must be cognizant of the challenges the technology poses. McKelvey said any organization that uses 5G must be transparent in how they are using the data it collects. Should they fail to do so, the populace may voice their concerns about data misuse. Those companies must be prepared to take on an educational role to avoid this dilemma. 

"There’s no way we are going to be involved in allowing 5G to be used in an anti-privacy way or a way that violates human rights," McKelvey said. "If anything we are going to champion being tech angels and privacy advocates. There’s going to have to be a certain amount of transparency so that people understand, because when they don’t understand, then you start getting some crazy stories running around out there."

Pirvan pointed to consent as a 5G challenge privacy professionals will also have to face. She said the user experience would suffer should they have to provide consent for each data processing activity, especially with sensitive information, such as location data that requires explicit consent.

There is also the matter of keeping track of all the different rules and regulations. Pirvan said network providers may find themselves falling under laws they did not need to previously follow. Carriers, on the other hand, may be better suited to handle the 5G era.

"If you use an application that collects biometric and health information, the network provider needs to look to see if they have to comply with (Health Insurance Portability and Accountability Act) regulations," Pirvan said. "The carriers are better ambassadors for consumer privacy precisely because they have these very highly regulated obligations and, for a long time, they have built entire infrastructure based on the privacy rules."

McKelvey said 5G is still in its infancy and that there is still a lot to learn about the technology. As the world slowly unlocks the totality of 5G, McKelvey believes there is an opportunity for it to be used as a tool for good. It's particularly relevant given how the world is wrestling with using data to track the current COVID-19 outbreak.

There may come a time in the upcoming months and years for 5G to play a part in the response to the pandemic — or any other natural disaster, for that matter — highlighting yet another set of opportunities and challenges the technology poses.

"We need to think, in a privacy-centric way, how do we better prepare for the future in the post-COVID-19 world, because bear in mind we could face a mutation of this virus years from now," McKelvey said. "I think 5G will allow us to be able to track how people move and how the diseases spread." 

Photo by israel palacio on Unsplash