Everyone is talking about the sexy technology developments around VR event experiences, facial recognition, etc. Yet one critical area of advancement that must correspond with all of these technology enhancements is consumer data privacy and controls.
Data privacy will continue to shake the events world for the foreseeable future. Our consumers and operators might not be excited about this advancement but the changes we saw in our industry with GDPR are just the beginning. We will continue to see additional legislation and regulation around data privacy, and event technology operators and platforms must advance to keep up with new compliance expectations.
Data handling and the new legal landscape
Almost monthly we learn of new and proposed data privacy regulation and increasing oversight on data handlers. Triple Pundit gives a good rundown of the current legal landscape:
- California is leading the way at the state level, with the California Consumer Privacy Act of 2018 going into effect next year.
- New Jersey, Rhode Island, Oregon, Colorado, Arizona and Virginia are all following suit with their own enhanced privacy regulations.
- At the country level, Russia passed stringent new data protection and privacy laws that dovetail with GDPR regulations, but with some specific differences.
- Congress is also considering creating consumer privacy protection policies at the federal level.
For events with global audiences, providers need to be thoughtful of not only how they process the data they collect, but also where the data resides. For example, Russian data localization laws require that some types of data collected on its citizens is stored on servers within Russia.
Consumers will demand better data handling
Many of the most exciting event technology advancements, such as facial recognition, have the ability to greatly improve the experience for attendees. This is a good thing for the industry overall. At the same time, these advancements come with a slew of real and perceived privacy concerns. Whether the data collected by these new technologies is considered any more sensitive than what has traditionally been collected (first name, last name, title, contact info, etc.) or not, there is no question these technologies greatly increase the quantity of data being held (facial recognition, thumbprint/grid, tracking data by cameras, etc.). As the technology footprint increases at conferences, so does the need for robust data control and handling.
The event industry cannot afford a “wait and see” approach on data handling compliance. Large companies such as Microsoft, Google and Facebook that are all in the consumer privacy spotlight have built new tools allowing consumers to view and manage what data is held on them, and how it is used.
Moving forward, event attendees will expect to be able to view and control the information held on them with ease. Many event platforms are not prepared for this, and are still trying to get a handle on how to best surface this information to the end-users, and how to provide them with control over that data. As we embrace the massive potential of event technology advancements, we must stay aware of the technical measures required for protecting and managing consumer data, and diligently adapt to comply. It may not be sexy, but it underpins everything we do.