This year we will witness the formation of an even more diverse market for behaviour tracking due to local law enforcement. Moreover, smartphones will take over traditional paperwork and the idea of a metaverse will become part of our reality.

All these changes are certain to place more demands on the security of various devices and technologies, according to Kaspersky’s Privacy Predictions for 2023 report.

2022 was marked by regulatory activity regarding privacy around the world, targeting both the corporate and private sectors. Some of the measures tackled commercial surveillance and data security practices that harm consumers, while others dealt with invasive machine learning technologies to further protect sensitive data.

However, there are still plenty of privacy issues facing society in the near future, particularly those related to current geopolitical and economic agendas.

This forecast was developed based on the shifts and trends witnessed by Kaspersky’s privacy experts during 2022. According to the researchers, the big stand-off between various stakeholders in the conversation around privacy and data collection will result in the following tendencies:

 

Internet balkanisation will lead to a more diverse (and localised) behaviour tracking market and checks on cross-border data transfer

Most web pages are crawling with invisible trackers, collecting behavioural data that is further aggregated and used primarily for targeted advertising. While there are many different companies in the business of behavioural ads, US-based big tech companies such as Meta, Amazon, and Google are the unquestionable leaders.

However, in many regions, authorities are becoming increasingly wary of sharing data with foreign companies. That drives businesses to show a preference for local players, which might have various privacy implications.

While big tech companies may spend more on security than the smaller players, even they have their share of data breaches. A smaller entity might be less interesting for hackers, but it also faces less scrutiny from regulatory bodies.

 

Smartphones will replace more paper documents

Today smartphones or other devices are widely used as payment methods, making classic plastic debit and credit cards obsolete in some countries.

Moreover, smartphones can be used for medical purposes – as proof of vaccination or current Covid-negative health status – or even as a digitised version of an ID card. The latter may bring both convenience and risks.

On the one hand, a properly implemented system could help to deal with daily verification without having to show the cashier the whole document with other details like name or street address.

On the other, using a smartphone to store an increasing amount of personal data creates a single point of failure, raising serious security concerns. This places serious demands on the security of mobile devices and the way data is stored while preserving privacy.

 

Companies will fight the human factor in cybersecurity to curb insider threat and social engineering to protect user data

As companies deploy increasingly comprehensive cybersecurity measures moving from endpoint protection to XDR (Extended Detection & Response) and even proactive threat hunting, people remain the weakest link.

The misconfiguration of various cloud solutions for data storage is expected to cause fewer data leaks, and more breaches will result from human error. To mitigate these threats, companies might invest in data leak prevention solutions as well as more thorough user education to raise cybersecurity awareness.

 

We will hear more concerns about the privacy of the metaverse – but with smartphones and IoT, aren’t we already in the metaverse?

The amount of data people generate just by making cashless payments and carrying a mobile phone throughout the day is enough to draw the most sensitive conclusions.

Smart home devices, smart cities with ubiquitous video surveillance, cars equipped with multiple cameras and further adoption of IoT, as well as continuous digitalisation of services will make personal privacy, at least in cities, a thing of the past.

So, while a metaverse promises to bring offline experiences to the online world, the online world is already taking hold of the physical realm.

 

Desperate to stop data leaks, people will get insurance against them

Living a convenient, modern life comes with a cost to privacy: for example, ordering food or using a ride-hailing service will generate, at the very least, sensitive geodata.

However, privacy awareness is growing, and people are starting to take preventive measures to secure their personal accounts and minimise their digital footprint.

One way to do that might be to insure oneself against data breaches. While there are already services that recoup losses in case of identity theft, a larger range of insurance offers in the future is expected to come.

“In 2022, we saw how regulatory activity shifted the global data market towards local players,” comments Vladislav Tushkanov, privacy expert at Kaspersky. ‘At the same time, this year was packed with events that showed how consumer data collection can directly impact the relationships between citizens and governments.

“Moreover, we cannot deny that topics such as the metaverse, AI or machine learning will remain in the spotlight of privacy experts throughout this year. Still, we believe that the geopolitical and economic events of 2022, as well as new technological trends, will be the main factors influencing the privacy landscape in 2023.”