Happy International Data Privacy Day!
To celebrate, I’ve put together a market map of some tech in the privacy space. (*Disclaimer: These Views Are My Own and Do Not Represent Any Organization I Am Affiliated With*)
From a Consumer Perspective (B2C):
Data Tracking/Remediation: These companies track your digital footprint, and in some cases, act on your behalf to delete and reclaim your data from online platforms (Jumbo Privacy, Mine, LifeLock, Dip)
From a Business Perspective (B2B):
Data Governance, Mapping, and Visibility: With GDPR, and now CCPA, companies that hold user data are required to maintain an inventory of the data, as well as provide data flows to regulators. These companies allow customers to visualize and report on their users’ data, as well as automate data rights requests (BigID, Osano, Ethyca, WireWheel, Securiti.ai, OneTrust). This category will likely be the fastest growing this year.
Privacy as a Service: These companies help customers build privacy directly into their development process, tech stack, and/or product. To me, this category will define the future of B2B privacy. Rather than offering bolt-on compliance for privacy regulations (treating the symptoms of poor data management), they will help companies think about privacy from the beginning (Oasis Labs, Terratrue).
Encryption and Synthetic Data: This is a huge category, so I’ll just brush on this quickly. Companies in this category encrypt data (files, emails), as well as allow customers to run compute on encrypted data. Traditional encryption is done by companies like IBM, while encryption allowing compute on data in use (homomorphic encryption, secure multi-party compute) is done by companies such as Baffle, Secretarium, Enveil, and others. Synthetic data companies create fake look-alike datasets to allow customers to run computations while maintaining security of the original data - they also help companies who may not have access to real data (Hazy, DataGen).
Identity and Access Management: The traditional stalwart of data privacy, these companies have historically offered access management and user directories (Microsoft, Okta, Ping Identity, OneLogin, RSA, CA), and will continue to be important in a password and identity-first world. Anti-fraud and identity verification companies take on the job of making sure users are who they say they are, and don’t attempt to steal others’ identity. My final, and favorite category in this section, are the passwordless companies - those who enable passwordless login for users (Hypr, NuID, Fast). This is the pinnacle of security and privacy in my opinion, as no passwords are stored on shared databases, but rather on end devices.
Thanks for reading - I’m sure I missed a bunch of companies so send ‘em over! And stay tuned for tomorrow when I finish part 2 of my uncle’s failed adventures in business (and subscribe).