Reflecting on the findings, Gartner research vice-president Bart Willemsen said: “Privacy laws, such as GDPR, presented a compelling business case for privacy compliance and inspired many other jurisdictions worldwide to follow.”

“More than 60 jurisdictions around the world have proposed or are drafting post-modern privacy and data protection laws as a result. Canada, for example, is looking to modernise their Personal Information Protection and Electronic Documents Act (PIPEDA), in part to maintain the adequacy standing with the EU post-GDPR.”

Privacy leaders are under pressure to ensure that all personal data processed is brought in scope and under control, Gartner noted in a statement, which it said is “difficult and expensive to manage without technology aid”.

This is where the use of AI-powered applications that reduce administrative burdens and manual workloads comes in, it posited.

Elsewhere, Gartner noted that at the forefront of a positive privacy user experience (UX) is the ability of an organisation to promptly handle subject rights requests (SRRs).

“SRRs cover a defined set of rights, where individuals have the power to make requests regarding their data and organisations must respond to them in a defined time frame,” it said.

According to its 2019 survey, many organisations are not capable of delivering swift and precise answers to the SRRs they receive.

VIEW ALL

“Two-thirds of respondents indicated it takes them two or more weeks to respond to a single SRR. Often done manually as well, the average costs of these workflows are roughly [US$1,400], which pile up over time,” Gartner recounted.

“The speed and consistency by which AI-powered tools can help address large volumes of SRRs not only [save] an organisation excessive spend, but also [repair] customer trust,” said Mr Willemsen.

“With the loss of customers serving as privacy leaders’ second-highest concern, such tools will ensure that their privacy demands are met.”

Moreover, through to 2022, privacy-driven spending on compliance tooling will rise to $8 billion worldwide, with Gartner expecting that privacy spending to impact connected stakeholders’ purchasing strategies, including those of CIOs, CDOs and CMOs.

“Today’s post-GDPR era demands a wide array of technological capabilities, well beyond the standard Excel sheets of the past,” said Mr Willemsen.

“The privacy-driven technology market is still emerging. What is certain is that privacy, as a conscious and deliberate discipline, will play a considerable role in how and why vendors develop their products.

“As AI turbocharges privacy readiness by assisting organisations in areas like SRR management and data discovery, we’ll start to see more AI capabilities offered by service providers.”