Around the world, data borders and regulations are being strengthened in a drive to protect customer privacy and fight cybercrime. As a result, multinational businesses are contending with a complex regulatory landscape. For business, data, and technology leaders, today’s challenge is to comply with local regulations while respecting customer expectations and managing complex global supply chains. To meet these macro and micro-economic challenges, organisations are looking for borderless data systems that enable global business operations but meet local demands.
The European Union’s General Data Protection Regulation (GDPR) has given rise to similar laws across the world, and the United Nations Conference on Trade and Development (UNCTAD) reports that 71% of countries have data protection regulations in place and 9% have legislation in development. Data governance professionals have increased their focus on data and cloud sovereignty in response, as some of these regulations restrict how data can be shared across physical national borders. In many cases, these regulations are positive and protect organisations and nations from criminals and aggressive states.
However, today’s supply chains require data to be shared. A further complication is that cloud computing enables data sharing and business efficiency, yet the major cloud computing providers are firms from the US. These businesses must comply with the US Cloud Act, which gives the US government access to data stored by these firms, even when hosting takes place outside of the US.
Meeting new data demands
Not only must data and technology leaders meet new compliance demands, but also rising expectations from the organisation to use data to meet business goals. Across all vertical markets, organisations are striving to become data-centric, using data to drive innovation, find efficiencies, increase profit margins, and lower the environmental impact of the business.
New data technologies such as Large Language Models (LLM), artificial intelligence (AI) and machine learning (ML) are becoming available from, typically, the cloud providers. This means that organisations will have to extend data protection so that they can do full anonymisation and use synthetic data to ensure the data is ready for AI usage.
At the end of the day, data sovereignty regulations should not be seen as an inhibitor or an end to global data. International data sharing is vital to individuals, businesses, and nations. For example, the know your customer (KYC) regulations that the financial services sector adopted following the September 11 attacks on New York and Washington DC in 2001 are critical, and it is important for data and technology leaders to understand that data globalisation and data sovereignty reside within a spectrum of needs for both the customer and the organisation.
Within this spectrum, data leaders often find they cannot meet the demands of the business due to data being locked in silos or governance processes, such as data sovereignty. If organisations don’t have a data strategy and solution in place, data silos will proliferate and prevent insight from being derived from the data.
Data governance will also become a blockage, especially if governance relies on manual processes. Likewise, as soon as you involve a human in the process, the timelines to access data go from days to weeks and months. For organisations to meet the needs of customers and benefit from the analytical power of the new wave of data technologies, data governance must be automated with software. Having spent seven years as a data leader with international bank, HSBC, I know from first-hand experience how challenging this is. For example, at HSBC, we had 20,000 Oracle databases; clearly, it’s not practical to protect one database at a time. In addition, technology sprawl has been amplified by cloud computing in most large organisations.
Reaping the benefits of globalisation
Borderless data solutions enable organisations to be both local and global. This is essential not only for compliance purposes but also to deliver on the expectations of customers, whether they be in Europe, Asia or the Americas. A global analysis of data ensures that organisations are delivering the same standards to customers across all markets. In addition, borderless data solutions provide data and technology leaders with speed, agility, and the ability to access information in real-time, which you can only do if your governance policy can be enforced and you can ensure data transfer without a human in the loop.
Having a 360° view of the customer
Speed and adaptability are vital to organisations in the digital economy, which relies on the business having a 360-degree view of the customer regardless of which part of the business they engage with, and wherever they are in the world. A global data solution provides this insight, helping the business make better decisions and deliver a more competitive customer experience.
Global data solutions also benefit organisations internally, increasing collaboration between data, technology and cybersecurity teams, and ultimately making the CISOs popular. Today, the CISO role is transitioning from a “department that says no” to an individual who is now closely aligned to business outcomes. As a result, CISOs are looking for systems that protect the business and its data but also enable access and support the desired business outcomes.
Data sovereignty need not be a barrier to global data analytics and operating across borders. When good governance is automated, it will respect local laws and deliver international business growth and innovation, both now and in the future.
Alasdair Anderson is VP EMEA, Protegrity