As reliance on technology and data has increased dramatically through the crisis, some tension has emerged between the increased use of data and the restrictions on data analysis and disclosure that may be imposed by privacy laws, posing a key question: "Have we reached peak privacy?"
Strong spotlight on Tech
As countries across the globe locked down, there was an acceleration in the implementation of new technology and digital solutions to predict and manage the virus, enable remote working, and deliver a broad range of services touching on almost every aspect of our lives.
This increasing use of tech and data-enabled services has brought a strong spotlight on tech which is a comparatively lightly regulated industry. In particular, there is scrutiny of major technology companies which are considered as part of nations' critical infrastructure due to their huge communication networks and strength in data management and logistics (read more in Section 6).
Another aspect of our increasing reliance on data is the way governments and private companies are collecting data as part of measures, such as contact tracing, to monitor and contain the outbreak of pandemics. Varying approaches are being taken across Europe, highlighting the difficulty in reaching consensus on the best approach.
The cultural divide between East and West is also a complexity – the apparent success of China and South Korea in containing the virus through rigorous contact tracing may advocate a more nuanced approach to privacy restrictions, whilst at the same time, the implications of increasing surveillance of citizens could be perceived as dangerous.
In the West, there are some concerns based on the past experience of terrorism legislation that increasing surveillance with tracking to contain the virus may be an irreversible change in the balance between surveillance and privacy.
Reconciling human rights with economic realities
It will be for countries and corporates to determine how to reconcile pre-existing rules regarding human rights (such as privacy and freedom of movement) with the decisions made in "digital crisis mode" and the resulting focus on the need to protect health and welfare, and the harsh economic realities of doing business in the new world.
We are seeing different approaches by regulators to the crisis. In financial services, we have seen a relaxation of some compliance requirements as regulators grant forbearance measures to financial firms in crisis. We have also seen data privacy regulators taking a more pragmatic approach in their guidance around data protection rules that could affect the ability of governments and businesses to deal with the crisis. Privacy regulators are concerned not to be seen to be standing in the way of necessary public health measures.
The need to adapt to changing attitudes
Firms and regulators may need to pivot to ensure they are sufficiently aligned with popular sentiment as peoples' priorities shift from physical to economic survival. While greater surveillance may be tolerated during a health crisis, attitudes may change once the immediate crisis has passed.
Trust will continue to be a key fact or as attitudes to corporates are likely to change depending on how they approached the crisis (including the treatment of workers and the delivery of services).
Those companies who can adapt successfully as attitudes change may benefit from the opportunities offered by the expediting of digital strategies, while those regulators who are sufficiently nimble to adapt their strategies to these rapidly changing times are more likely to remain effective and influential in the years to come.
Subscribe to our DigiLinks blog for data-related legal updates.
Organisations will need to navigate changing political, regulatory and social attitudes to privacy across the globe. - Julian Cunningham-Day Tech Sector Leader
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.