As we enter 2025, data privacy and identity protection will remain some of the hottest topics around. Watch out for the continued meteoric rise of digital identity verification and management, more data privacy laws, tighter regulations around artificial intelligence, and the continued emergence of quantum computing. Here’s our take on what lies ahead:
- Digital identity verification and management will take centre stage
Impersonation and fraud, particularly in banking and finance, have become so prevalent and sophisticated that digital identity verification and management will fast become the go-to solution for protecting customers and building trust, replacing paper-based and other vulnerable systems. We agree with industry predictions that identity will be the “linchpin of business resilience” going forward, and that “digital identity verification will have a breakout year in 2025”. There’s likely to be a rush to digital identity wallets and digital and biometric credential verification methods, particularly since regulations like eIDAS 2.0 in the EU are driving the transition to decentralized identity technologies. Go Inside Version 3.0 of the Most Advanced Mobile Wallet SDK on the Market. Explore our guides. - The US will get more state privacy laws, but no federal privacy law
In an unsurprising development, most pundits agree that the United States’ chances of finally achieving a comprehensive federal privacy law are slim to none in 2025. IAPP and TechRadar commentators believe securing bipartisan agreement on such a law is likely to remain elusive under the Republican-controlled Congress, which TechRadar suggests “could leave Americans relying on digital tools to claim back their online privacy for themselves.” Anonyome Labs’ MySudo and RECLAIM apps are great examples of proactive consumer privacy tools.
As always, stepping into the breach from an absent federal privacy law will be state privacy laws, and we’ll see many more of those in 2025. Twenty-six of the 50 US states now have a state privacy law, expanding consumer rights and ratcheting up compliance obligations on business. In 2024, four more state laws came into effect:
Texas Data Privacy and Security Act (TDPSA), effective July 1, 2024
Florida Digital Bill of Rights (FDBR), effective July 1, 2024
Oregon Consumer Privacy Act (OCPA), effective on July 1, 2024
Montana Consumer Data Privacy Act (MCDPA), effective October 1, 2024.
January 2025 saw four more state privacy laws come into effect—Delaware, Iowa, New Hampshire, and New Jersey—and later in 2025, Tennessee and Maryland will introduce theirs. - Regulation around AI will tighten but privacy and security issues will remain
Generative AI will be the thing to watch in 2025, with artificial intelligence becoming integral to core application design and service delivery for its efficiency, UX and cost-saving benefits. But this emerging tech will also remain acutely challenging, particularly from a data privacy and security perspective.
Regulation around AI will tighten in 2025, but the IAPP puts a good question: “While there is a consensus AI should be regulated, and there are increasing efforts in this sense — such as the highly anticipated EU AI Act [and Colorado’s AI Act] — the fact is AI privacy risks remain uncharted waters, leaving both AI practitioners and privacy professionals with a feeling of unease. After all, since AI technologies are advancing faster than regulation, how should privacy pros approach AI privacy risks in a way that makes new products viable, while safeguarding data subjects’ rights?” It’s a question that may linger well beyond 2025.
The IAPP highlights these 12 risks from AI, which come from Carnegie Mellon University and Oxford University’s adaptation of earlier work by Professor Daniel Solove:
Surveillance: AI exacerbates surveillance risks by increasing the scale and ubiquity of personal data collection.
Identification: AI technologies enable automated identity linking across various data sources, increasing risks related to personal identity exposure.
Aggregation: AI combines various pieces of data about a person to make inferences, creating risks of privacy invasion.
Phrenology and physiognomy: AI infers personality or social attributes from physical characteristics, a new risk category not in Solove’s taxonomy.
Secondary use: AI exacerbates use of personal data for purposes other than originally intended through repurposing data.
Exclusion: AI makes failure to inform or give control to users over how their data is used worse through opaque data practices.
Insecurity: AI’s data requirements and storage practices risk of data leaks and improper access.
Exposure: AI can reveal sensitive information, such as through generative AI techniques.
Distortion: AI’s ability to generate realistic but fake content heightens the spread of false or misleading information.
Disclosure: AI can cause improper sharing of data when it infers additional sensitive information from raw data.
Increased accessibility: AI makes sensitive information more accessible to a wider audience than intended.
Intrusion: AI technologies invade personal space or solitude, often through surveillance measures.
Debate and developments around these 12 risks from AI (and potentially others) will be a hallmark of 2025. - Quantum computing will make more headlines
We were interested to see quantum computing moving onto the “trends to watch” lists for 2025. The race to quantum computing has been going on for a while now, and things are definitely heating up.
Many industries have use cases for quantum computing for simulations (e.g. simulating molecular structures in drug discovery or climate modelling) and optimization (e.g. optimizing shipping routes and flight paths, enhancing machine learning algorithms, or developing advanced materials). But as we’ve said before the quantum age does present some real threats, particularly the looming arrival of quantum computers that are sufficiently powerful and error-resistant to break conventional encryption algorithms (RSA, DSS, Diffie-Hellman, TLS/SSL, etc.) and expose the world’s vast stores of secured data. The race is on to Q-Day and we’ll likely see more about that in 2025.
The US Government has issued a quantum readiness guide to developing and building capabilities to secure critical information and systems from being compromised by quantum computers. - More people will worry about data privacy and act to protect their personal information
Consumers are growing increasingly worried about the safety of their personal information, particularly on social media and around AI. With 2024 recording the biggest and most destructive data breaches, and new stats [NB1] showing most people worldwide have already had their personal information stolen, it’s not surprising that people fear data surveillance and scammers. Cisco’s annual privacy study did, however, reveal that all this worry is making people more proactive about protecting their own data, which can only be a good thing, and tools like Anonyome Labs’ consumer apps MySudo and RECLAIM make it easy. Anonyome also offers businesses a suite of next generation digital identity and privacy tools.
As we head into 2025, we wish everyone a happy and safe year. If you’d like to know more about Anonyome Labs’ privacy and identity protection tools, head here for consumer solutions and here for business solutions.
You might also like:
Americans Say Data Privacy is a Human Right: Here are 3 Apps that Achieve It
Gartner Confirms Anonyome Labs’ Solutions Offer Competitive Edge
Anonyome Wins Prestigious SuperNova Award for Digital Wallet that Will Transform Agriculture
