While the GDPR is now finalised, the hard work begins in 2017 of prepping and amending policies, procedures, contracts and accommodating the future proofing concepts of PbD and DPbD. Will the potential cost efficiency, value-add and pre-problem solving potential of PbD and DPbD be fully achieved in 2017?
National law provisions also need to be examined as a consequence of the GDPR.
Formal mandated Data Protection Officers may prove to be more significant and empowered than some may have initially thought. The import of the DPO is predicted to grow.
The trend of new forms of personal data to be potentially collected with new devices will continue. As ever, the question remains as to whether new tech is commercialised and data protection is left for an afterthought (and also ignoring PbD and DPbD). Of course, new penalties may prove to be a lightning bolt.
One issue from leftfield is how these issues will possibly fare under a new administration in the US, and indeed how the FTC may or may not change. It is also by no means certain that all of the choppy waters of Safe Harbour/Privacy Shield are fully behind us.
Dr Paul Lambert is author of The Data Protection Officer: Profession, Rules and Role (Routledge Taylor & Francis) and A Users Guide to Data Protection, second edition (Bloomsbury Professional).