Privacy Leaders’ Views — The Impact of COVID-19 on Privacy Priorities, Practices and Programs

Last Updated: November 2020

During summer 2020, 21 privacy leaders from industry, government and academia graciously shared their views on the impact of COVID-19 on privacy priorities, practices and programs. Each participated in a 30-minute interview to inform the IAPP and EY’s joint research project on COVID-19 and privacy. We captured their experiences, challenges and recommendations in this five-part series.


Part 1: Introduction
Part one introduces the 21 leaders who shared their thoughts on the impact of COVID-19 on privacy priorities, practices and programs, and the key takeaways they offered. Their perspectives and priorities reflect their vantage points and the role each plays in shaping and responding to the new reality brought on by the pandemic.


Part 2: Immediate Industry Response
Part two describes industry privacy leaders’ immediate response to the pandemic. As companies sought to operate amid government-mandated quarantines, social-distancing rules and contact-tracing efforts, they introduced new health safety protocols, shifted to remote work, increased virtual engagement, and supported government test and trace efforts. Amid the deluge, privacy leaders said employee health data collection and providing a secure and effective virtual work environment for employees and customers were their top priorities.


Part 3: The New Reality and Strategic Priorities
Part three presents privacy leaders’ views on the new reality brought on by the pandemic and its implications for privacy practices and programs. Across the board, privacy professionals expect that the future will be more virtual, privacy will remain a strategic priority, and as privacy budgets flatten amid increasing demand, companies will automate less-complex data protection tasks.


Part 4: Surveillance and Data Sharing for the Public Good
Part four focuses on the impact of COVID-19 on surveillance and data sharing for the public good. Privacy policymakers and regulators across countries and continents expressed similar concerns about the rise and normalization of surveillance across all aspects of our lives, by governments and companies. Many cited the increase in surveillance as the top privacy challenge in the wake of COVID-19.


Part 5: Building Trust through Industry Action, Legislation and Enforcement
This final piece describes privacy leaders’ thoughts on how companies, legislators and regulators can build trust in data protection now and moving forward. Transparency, data ethics, purpose limitations, user-centric design and technical controls can all help, but industry cannot overcome the trust deficit alone. Policymakers and regulators shared their thoughts on the efficacy of current laws and enforcement regimes and the changes needed to protect privacy and combat the current or future pandemics.


Contributors

 



Approved
CIPM, CIPP/A, CIPP/C, CIPP/E, CIPP/G, CIPP/US, CIPT
Credits: 3

Submit for CPEs