It was at the end September 2021 when the EDPS first launched its first foresight-related project, TechSonar. At that moment, we already believed the world to be a highly -complex place. Yet from September 2021 onwards, we stood by and watched in disbelief the events that unfolded at the eastern border of the European Union, which threatened the very core of our European democracy and values. Today, one thing is certain: new challenges will not cease to emerge.
This led the EDPS to a major question: based on the events of the last two years, what lessons can we learn about technological developments within our community of data protection regulators?
In our day-to-day work, we are confronted with challenges that arise due to continuous innovation. In the growing complexity of our digital society, we need to consider an additional factor: the speed of change.
Someone hinted at this decades ago. In 1965, Gordon Moore hypothesised that the number of transistors in microprocessors would double every 12 months or so. Moore was wrong. The growth has often been faster and more unpredictable than the rate he anticipated. The world has increased in its complexity. From this we can learn a first lesson: we cannot predict the pace of technology evolution, but we can prepare for a diverse set of plausible scenarios.
If we consider this impressive evolution - from Fintech to the metaverse, from artificial intelligence to biometrics - we can see how complex it has become to find effective ways to intervene in these processes and take timely actions.
The more we advance in our work, the more we are convinced that we – as data protection authorities, but also as data controllers and processors – need new tools and skills. We will not be able to carry out our mission to supervise and regulate the use of technologies effectively without being able to anticipate and guide their evolution. To do this, foresight methodologies are key. The more we interact with foresight experts, the more we see an urgent need to integrate this domain with data protection.
For this reason, over the past year and since the launch of TechSonar, we have continued to develop our anticipatory mindset.
We co-organised the closing conference of the Panelfit project on 31 March 2022, we joined a panel dedicated to anticipatory techniques at the Computer Privacy and Data Protection conference on 24 May 2022, and we discussed our preliminary achievements at the 30th European Conference of Data Protection Authorities in Dubrovnik on 20 May 2022. Foresight was also one of the main themes of the EDPS conference on “The Future of Data Protection: Effective Enforcement in the Digital World” that we organised on 16 & 17 June 2022, in Brussels and online.
Continuing on this path, today we are publishing the outcome of our second TechSonar edition, with an updated set of technologies that we consider to be of primary importance to increase the preparedness of stakeholders in the field of personal data protection
This new release of TechSonar has been enriched with a proof-of-concept analysis tool, created together with the publicly accessible Competence Center on Text Mining and Analysis of the European Commission's Joint Research Center. The tool supports the information collection process, analysing the most important academic papers, as well as patents and projects funded by the European Union that concern the technologies we selected.
TechSonar is just a first step towards a wider, forward-looking perspective on our future. We are convinced that an effective approach to data protection regulation needs to take into account anticipatory and proactive ways to tackle its supervisory and advisory tasks, and to support the value-creation process of privacy enhancing technologies. Let me reiterate what was said during the Panelfit conference: we need to start considering the use of anticipatory and foresight techniques as a “new normal” in our future data protection efforts.
The EDPS firmly believes that a multi-stakeholder conversation that anticipates risks and damages to our future digital world is one of the most effective way to enforce the fundamental rights to privacy and data protection.