Christine Varney, a partner at law firm Hogan & Hartson in Washington, D.C., and former chairman of the Federal Trade Commission, sees radio-frequency identification as the big issue this year. She says to "watch for the government to begin looking at the privacy aspects of the technology." Christine also expects that the FTC will be holding hearings on RFID technology over the next year.
Kevin G. Chapman, labor counsel at Dow Jones & Co., forecasts that employment, workplace monitoring, and employee privacy issues will be especially important in 2004. "As for privacy--what I see more and more are employers and employees enmeshed in disputes about electronic information, such as electronic monitoring of employees, misuse of E-mail and Internet access by employees, and electronic 'evidence' that is relevant to employment disputes. Companies are struggling both with the requirement to notify employees and have clear policies about things like Internet usage and the lack of any expectation of privacy in an employee's computer or E-mail."
He also sees the monitoring issue as broader than the standard privacy issue. "Companies need to have uniform and well-enforced and audited document retention and destruction policies, and need to actually know where their information is and how to get it when they need it (or it is requested in litigation)." Interestingly enough, the two issues dovetail. "All this ultimately gets back to some document or E-mail record on some employee's PC, which they think was deleted, or that they think is in a 'private' directory and therefore not subject to being retrieved by the company--when in fact it can be accessed, recovered, and used by the company." And as I've been saying for years, Kevin reminds us that employees have very few privacy rights in their workplace.
Barbara Lawler, CPO for Hewlett-Packard, has been a leader in privacy and compliance for many years. She sees off-shoring and outsourcing continuing as the obvious big news for 2004. Barbara explains, though, that "what may not be so obvious is the amount of work required by privacy officers and staff to ensure that personal data transports relating to the off-shoring and outsourcing are properly protected--by contracts, and more important, by solid business practices, security, and technology controls." She suggests thinking of the company's data like a person, needing a "passport," especially if it's leaving the European Union and similarly regulated countries and regions.
How do your own forecasts match up with these? What privacy issues are you facing in your company this year? What privacy issues are consumers going to face this year? How will businesses demand better privacy and confidentiality in B2B transactions? Where is your employer putting its privacy, compliance, and security money this year? Join the discussion in the Listening Post!