App addicts: How the explosion of applications is threatening data protection
Updated: Mar 3, 2022
As organizations deploy more and more apps to meet the challenges of COVID-19 the increased data fragmentation will only exacerbate the pre-existing threat that apps pose to our personal privacy and data protection
We're addicted to applications
In 2019, New York-based application management company Blissfully released the latest edition of its Annual SaaS Trends Report that revealed the extent to which applications (specifically cloud-based SaaS applications) have penetrated businesses.
Source: Blissfully
Small businesses now manage an ecosystem of almost 80 applications and what we're seeing is a trend towards more apps being used by more teams with less oversight from people who understand how to actually manage the data they're collecting.
Equally significant is the trend towards the increasing de-centralization of "IT ownership", as the report reveals:
"Departmental leaders are now empowered to play a much larger role in evaluating the best technology toolkit for their teams. However, in many organizations, management processes have not caught up. There are many more owners of SaaS, but no birds-eye view of usage or spend, leading to duplicate and orphaned subscriptions."
Source: Blissfully
COVID-19 is accelerating app proliferation
Since the outbreak of COVID-19, millions of small and medium-sized business have rushed head-first into the digital economy and this has created an army of experts delivering advice on how they can make the transition to the contact-less economy simply by adding dozens or even hundreds of new apps.
At the other end of the spectrum, enterprise and public sector organizations (where operating 5,000+ app and system databases was the norm pre-COVID-19) who are managing their own response to the pandemic in the form of new apps.
Here, COVID-19 has forced an acceleration of "digital transformation" projects in order to supply hundreds of new customer and employee apps ranging from drone-based delivery systems to the ubiquitous Zoom meetings.
But not only does each of these project add an additional database to the mix, they also add to the complexity of integration, a process that is essential to the delivery of projects such as business reporting and analysis, back-office support, and the building of bespoke applications.
Why app proliferation damages data protection
So businesses and public sector agencies have a lot of apps that contain data that gets copied into an unknowable number of spreadsheets and via a mind-boggling number of integrations.
But so what?
Aside from the staggering time and cost that it takes for companies to manage app and data integration, all these copies of data going back and forth between apps and data storage platforms makes the ability to comply with data protection legislation (like PIPEDA and GDPR) a near-impossible task.
The proliferation of applications and integration caused by COVID-19 is further damaging the ability to control personal data
The increased fragmentation and copying of data means that we are getting farther and farther away from a situation where service providers, both public and private, can offer data owners (or even themselves) increased CONTROL of data.
Beyond the app-specific database
If we persist with the mantra "an app for everything, and a database for every app" the fragmentation of data will only get worse. The resulting erosion of data privacy and data protection will impact public trust and the result will be fewer collaborations between data owners and service providers on projects like contact tracing apps.
The Data Collaboration Alliance is not calling for the end of apps, but a re-imagining of their relationship to data. Service providers, both private and public, need to start exploring new approaches to building technology that will migrate data towards more centralized, controllable, and above-all collaborative environments.
If you'd like to join the movement, please get in touch.