Cristina’s Compliance Corner: Compliance Trends for 2023

December 7, 2022
Cristina Bartolacci

Cristina Bartolacci



Compliance is often seen as a complicated, scary topic, but it doesn’t have to be! Cristina’s Compliance Corner discusses hot topics in the compliance and security industry in a more approachable and friendly way. Join me for a LinkedIn Live discussion every two weeks and stay up-to-date on the latest developments in the sphere.

This past week, I hosted the inaugural Cristina’s Compliance Corner and discussed something top of mind… compliance trends for 2023! Below are a few must-know trends I touched on that you need to be aware of as you navigate your personal and professional online privacy and security in the year.

You can view the whole discussion here:

Trend #1:  Privacy will become increasingly important


Security is often the focus of discussion when compliance is the topic. However, there has been an increased shift to also include privacy. I’ve always been taught that you can’t have privacy without security, but now, the sentiment seems to be shifting to an equal playing field – you need to consider both in order to be a true compliance success story.

Recently, you may have heard that the former Uber CSO was investigated for a lapse in data protection (and found guilty). It came as a shock that a big company could fail to protect the privacy of their consumers. And yet, consumers view privacy and personal data protection as imperative for trust. 

In a consumer report by McKinsey, about half of the respondents view companies as more trustworthy when they limit the amount of personal information requested and respond quickly to data breaches. Consumer demand shows that businesses either need to start or continue to responsibly manage the collected data they store in order to have a competitive advantage within their industry. 

What this means for you: 
Security has long been at the forefront of people’s minds, and for good reason! But with how much data we hand over to companies as consumers, we really need to be equally careful about the privacy policies they have in place. In turn, you should keep privacy at the forefront of Infosec discussions at your organization as the demand for consumer privacy will only continue to rise. 

Trend #2: A crackdown on social media

Meta, TikTok, Snapchat… the list goes on when considering the countless social media platforms that relentlessly collect excessive amounts of private data. In fact, TikTok, owned by Chinese company ByteDance, even collects biometric data (your faceprint and voiceprint). Hearing this can sometimes be off-putting, but luckily I’ve noticed a trend of increasingly severe measures taken to protect consumers.

Recently, Meta settled a lawsuit. Essentially, Meta allowed other companies access to the private data of its users. Without lawsuits like these, the public wouldn’t be aware of what some massive social media companies are up to behind the scenes. 

As more of these lawsuits come to court, more light will be shed on the implications of privacy in social media, and more restrictions will be put in place to protect consumers. 

At this time, this is only done within the United States with American-owned companies. It will be interesting to see what happens with foreign-owned companies like TikTok, which have a large global user base. Some questions to consider include:

  • Will regulations and laws remain at a country-specific level? 
  • Will overarching, border-agnostic privacy laws come into effect?
  • Will infractions remain treated on a case-by-case basis considering there are varying levels of ‘mis-compliance’ and fines associated with each level? 

What this means for you:
Only time will tell what the answers to the questions above are. For users, there should be an increased awareness of what information you share with social media platforms and of the social media crackdown in general. For businesses, be prepared should there be any overarching decisions at the user level or if your country makes any decisions on laws that could take effect. If you’re prepared, then the user should still be able to use and interact with the platform, but what type of data is collected will be impacted and most likely become more restricted.

Trend #3 Impact from new movements

Recently, the US signed an executive order on the European and United States data privacy agreement. After lengthy negotiations, the order entails creating a new sector of the U.S. Department of Justice that will oversee how American national security agencies can access and use information from both European and U.S. citizens.

This executive order represents the beginning of new movements toward creating better international security between countries. This is not something to be ignored, as you will continue to read stories about it.  New political movements lead to new laws, which could impact compliance requirements and protocols. 

What this means for you:
The executive order mentioned above is a giant step toward creating a unified approach to privacy. Legislation is desperately needed to lay the foundation for better levels of transparency when it comes to data usage and consumption. Also, legislation will start to provide an equal opportunity playing field for all businesses and corporations to stay within their lanes. Once this begins, businesses will be subject to the same rules, regulations, and requirements, whereas now it varies so much between state, industry, country, etc. 

Trend #4: Compliance continues to be non-optional

Compliance is now non-optional. Well, to be clear, in my very biased opinion, it’s always been a must-have but now–and into 2023–more than ever. Having compliance reports and certifications was once seen as a nice-to-have for marketing and sales to push a product or service. Today, compliance represents a clear differentiator. Not only that, but if you aren’t compliant, you risk losing deals and partnerships. It will prove to be a clear disqualifier if your company doesn’t take compliance seriously. 

If your company isn’t compliant, you are at risk of not only losing out on deals to competitors, but also:

  • Hefty penalties and charges
  • Integrity and reputational damage
  • And head-ache-inducing lawsuits
  • And more!

What this means for you:
Plain and simple, you need to be compliant, or you will lose deals to competitors. 

It’s not worth the laundry list of risks, so if you haven’t already, make compliance a priority in 2023. Not sure where to start? Laika can help. 

Get compliant in 2023!

The key to getting compliant is knowing who to partner with. Consider the experts at Laika to guide you through the process from beginning to end. With our thorough risk assessment, fast certifications, and automated workflow audits, Laika makes staying within compliance as easy as possible. Speak to a member of our team today to learn more: request your demo.

Share this post with your network:

Related Posts

Mastering PCI self-assessment: Essential tips

The PCI DSS Self Assessment is a vital process that helps merchants and service providers evaluate and report their compliance with PCI DSS standards. Whether your business is large or...
Read Article icon-arrow

Your essential guide to managing a GDPR data breach

A GDPR data breach can be devastating. Understanding and reacting appropriately is vital. If you or your organization is faced with handling such a scenario, this guide clarifies the steps...
Read Article icon-arrow