Beijing, Jan 20 (IANS): Huawei on Wednesday said that businesses will witness an increase in class-action lawsuits in the personal data space in 2021-2022, urging corporates to focus on data minimisation and business continuity management to mitigate data security challenges.
Speaking at a webinar, Joerg Thomas, Director, Data Protection Office, Huawei said: "We may witness an increase in class action-style lawsuits in the personal data space in 2021-22 as aggravated parties view judicial remedy as a potentially faster way to get redress when their data rights are violated".
Businesses need to be transparent about the transfer locations of personal data and the types of data being transferred, and take into account the legal requirements in the receiving jurisdiction.
A return to "basics" is essential and records of processing activities (RoPa), privacy notices and cookies should always be up-to-date and compliant with governing laws, he added.
Huawei hosted a webinar comprising an expert panel to discuss the lessons learnt on data protection in 2020 and the trends to watch out for in 2021.
According to Thomas, from a long-term sustainable point of view, organisations will need to adopt data minimisation and privacy by design and default, and "at all times ensure that business continuity management (BCM) plans are in place".
2020 was a challenging year for data protection and Covid-19 digital contact tracing and general health surveillance added to an already complex landscape of human rights and privacy laws.
"Living in a cloud-generation era, we are increasingly dealing with the emergence of shadow IT or shadow data where content is backed up on multiple clouds, without the knowledge of data compliance departments," said Ramses Gallego, International Chief Technology Officer, Cybersecurity, Micro Focus.
He said that technology itself would help to create the circles of trust — beyond which data should not be visible, nor active.
He spoke about encryption and tokenisation as effective risk mitigation strategies that corporates could adopt and that could stand up in a court of law in the unfortunate incident of a data breach.