Emerging Privacy & Security Trends in 2022

Perkins Coie recently published its annual report on emerging technologies for the year. The report encompasses areas of artificial intelligence, machine learning, digital media, Greentech, healthcare technology, and data privacy, to name a few. The report also addresses how these developing areas help drive new legal and regulatory standards. I’ll recap the most important chapter, Privacy & Security.

Emerging Science and Technology

Synthetic Data – Artificially created information that replicates real-world scenarios and removes biased outcomes. This data can preserve privacy because it will omit variables that contain personal information. In some instances, this data would produce more reliable results than models using data masking or anonymization techniques. This data is exactly what it sounds like… Created, not collected.

Cryptography – Methods, such as symmetric and asymmetric, of encryption scramble data so that it can only be accessed and read by the key holders (i.e. individuals with the correct authentication method). The challenge faced by cryptographers is that they need to continue developing new methods to keep ahead of cybercriminals’ decryption tools. Some methods to do this would be to lengthen key sizes (i.e. longer passwords) or use holomorphic encryption, which allows the user to perform computations of data without decrypting it. Homomorphic encryption allows the organization to encrypt once without reversing the encryption. In other words, locking the door and destroying the lock and key.

Hacking Strategies – Strategies are evolving with security tools. Common strategies include social engineering, ransomware attacks, privilege escalation, credential stuffing, and brute force attacks. The primary goal is to obtain information about something (once the instances of hacking for the sake of exploration are removed) or someone and then use that to obtain something of additional financial value. In other cases, such as activist groups, hacks are conducted for social causes, such as what happened to the Russian Ministry of Defense towards the end of February. One of the best methods to protect against the risk of stolen credentials is to use a multi-factor authentication application (MFA), and not SMS. MFA tools are much more secure than our text messaging platform.

Differential Privacy – This method alters information to the point that it becomes improbable to identify by the natural person. Organizations can aggregate and analyze data without compromising its confidentiality. Google has released a toolkit just for this purpose.

Data Resilience – Building this into software products can reduce the impact of data loss from power outages, service interruptions, or natural disasters. As infrastructure becomes “smarter,” so too do plans concerning continuity. Several methods to achieve resiliency are performing appropriate backup intervals of data, documenting recovery strategies, leveraging server clustering on different nodes, and performing an annual test of the disaster recovery strategy to ensure its effectiveness.

Quantum Computing – A fairly newer method (compared to those above) where cryptography methods are developed using highly advanced computer processors. The main challenge is to develop cryptographic algorithms that can’t be broken by other quantum computers since this would be a direct risk to data confidentiality. Currently, China and South Korea lead the race into this technology.

Blockchain – This method proves something is true without disclosing the underlying data. Data obfuscation is built into blockchain technology and allows for high levels of data privacy. The blockchain is a distributed database on several nodes of a network and maintains a decentralized ledger of transactions, making it crucial to the role of cryptographic systems.

Impact on Our Lives

Data analytics and “Big Data” allow companies to leverage services they couldn’t in the past. For instance, a company selling shirts can check your purchase history to know what color and size you prefer to purchase, which allows them to personalize your experience. This can, however, make people uneasy because they may prefer to not be offered targeted advertisements and actually want to be forgotten as soon as they walk out the door or close their browser. Be that as it may, organizations that utilize data analytics will have a competitive advantage over companies that choose not to.

If companies possess our personal information, they’re also required to protect it and disclose if it’s been involved in a data leak. Costs of ransomware attacks can reach into the billions of dollars as the company, over several months, spends time and effort rooting out the malicious software on their systems.

Individuals also want companies to be more transparent with how their personal information is used. Seeing consent agreements be more understandable and allowed to opt-out as easily as they opted-in are growing in popularity amongst the general public.

Regarding our environment, the growing need for strong encryption methods will impact the environment in a negative way. The more robust the algorithm, the more computer power it’ll use to encrypt and decrypt data. Additional computer power pumped into the environment will leave a larger footprint that can be difficult to reverse. For the moment, this is difficult to calculate. But eventually, we’ll see that the harder we protect our data, the worse off the environment will be until we develop environmentally-friendly encryption methods.

Currently, only states have enacted privacy laws (California, Colorado, Virginia), but federal privacy law has been discussed (S.4626). Check out my 2022 predictions for more on state and federal policy.

Read the full report for all the details!


See the Newsletters page for the latest content and to subscribe to the regular update, see the About page for information around who DPP is, and check out the Contact page to reach out to DPP with any questions or concerns. These are my thoughts and should not be taken as professional advice simply because you are not paying me for my opinion.

Once you understand how valuable your information is, then you can begin taking steps to keep it private.