The time is coming soon when businesses will need to consider the impacts, benefits and risks of data use -- including from advanced analytics -- beyond the company and beyond individuals. Now groups of individuals, broader groups and even society as a whole should be considered. This is “risk balancing”, the next phase of governance and sustainability.

In 2022 we saw increased pressure and scrutiny on digital economy activities, from AI applications, to AdTech, from increased cybersecurity threats to international data transfer conundrums. Just around the corner is the activation of several U.S. State privacy laws and European "data economy" Regulations (Digital Services and Digital Marketing Acts). The U.S. Congress once again renewed its evergreen debate about Federal Privacy Legislation. Against this backdrop the IAF’s policy work will focus on reframing and modernizing long-standing principles about risks and benefits to people from the use of advanced analytics and machine learning, the concurrent challenges to corporate research and innovation. We are bringing governance to the forefront of executive conversation – centering on data sustainability and organizational resiliency. 

From where I sit, privacy officers would benefit from taking a closer look at these policy frameworks. After all, stakeholder analysis is not new to the IAF. The IAF’s early work on the difference in risks associated with "thinking with data" -- general research, versus "acting with data", -- the decisions and actions that organizations take that impact people.

The rising wave of data policy and regulation makes incorporating risk balancing an imperative.