Gartner predicts that privacy claims related to biometric information and cyber-physical systems will exceed $8 billion by 2025


By 2025, privacy lawsuits and claims related to the processing of biometric information and cyber-physical systems will have resulted in more than $8 billion fines and settlements, according to Gartner, Inc.

“Autonomous vehicles, drones that capture video, smart buildings and smart cities are cyber-physical systems that capture biometrics of all kinds,” said Bart Willemsen, vice president of research at Gartner. “The collection and storage of biometric information is growing in popularity, whether in the form of fingerprints, iris scans, remote recognition of face, gait, voice or even samples DNA data. But this information has enormous potential for misuse or abuse.”

During his session at the Gartner Security & Risk Management Summit, which takes place virtually in the Middle East So far, Willemsen said the new privacy laws cover the capture, conversion, storage and processing of biometric data, and may even apply to face-tagging technology. in social media. They may also have a retention regime and may prohibit the sale, rental, trade or profit of biometric data. Some completely prohibit the use of biometric information in certain use cases.

“In such cases, it is important that security and risk managers and privacy officers consider alternative and less invasive means to achieve the intended objectives, explaining all the necessary information to the client without any caveat,” Willemsen added.

Some multinational consumer-facing organizations are actively moving towards a self-service model through privacy portals and intake forms. Their intention is not just to avoid regulatory fines, but also to build customer trust and maintain a positive sentiment towards the brand.

Privacy budgets will grow, enabling privacy to move from compliance to competitive advantage

Gartner predicts that by 2024, the average annual budget of large organizations for privacy will exceed $2.5 millionto move from compliance ethics to competitive differentiation.

Privacy budgets have gone from $1.7 million in 2019 at $2 million in 2021 and are expected to continue to increase at a steady rate. The sudden rise in online activity, remote work and virtual learning has increased cyber threats. With privacy regulatory efforts expanding in dozens of jurisdictions over the next two years, many organizations will only see the need to begin their privacy program efforts now.

Gartner recommends that organizations first gain full and detailed control over all personal data processing activities before they can transfer that control to the individual. One way to do this is to use privacy rights and consent management services. “The customer will experience the difference between having to wait weeks for an incomplete answer, or having full access to the answer to the question ‘what data is an organization processing on me in seconds?’ That difference is where trust is won or lost,” Willemsen said.

Depending on the maturity of their privacy programs, organizations move beyond compliance-focused work to customer-centric activities. For example, enabling customer experience professionals to address customer complaints about lack of transparency and privacy UX automation, or providing access to privacy rights to all global customers, whether they whether obliged to do so or not, by treating customers fairly on an international scale.

Gartner customers can learn more in “Predicts 2022: Privacy Risk Expands”.

Learn about the top priorities for security and privacy leaders in 2022 in the 2022 Leadership Vision for Security and Risk Management Leaders.

About the Gartner Security and Risk Management Summit

The Gartner Security and Risk Management Summit 2022 provides analysis of the latest security trends and how to manage risk and build resilience. Follow conference news on the Gartner Newsroom and on Twitter using #GartnerSEC.

Upcoming dates and locations for the Gartner Security and Risk Summit include:

March 7-8 in India,

June 7-10 in National portMD.

June 21-22 in sydney

July 25-27 in Tokyo

September 12-14 in London

About Gartner’s Information Technology Practice

Gartner for Information Technology Executives provides actionable, objective insights to CIOs and IT leaders to help them drive their organizations through digital transformation and lead business growth. Additional information is available at

Follow Gartner news and updates for IT managers on Twitter and LinkedIn. Visit the IT newsroom for more information and ideas.



Comments are closed.