To say 2018 was something else is an understatement. A fat chapter in history books of the future, my personal applause to all the dedicated reporters, editors and investigators this year. Scandals, tariff wars, natural disasters and special investigations; constant, back to back crises. So much so that 'Justice' stands as Merriam-Webster’s 2018 word of the year. Not to mention a year of increasing violence towards journalists and their dedicated teams. Writers and correspondents, you've definitely been keeping our back with all the flurry of information.

2018 was also a banner year for privacy enthusiasts, big data and security. In May of 2018 the General Data Protection Regulation (GDPR) went into force within the European Union. This continues to bring new levels of awareness, worldwide to privacy. Even if many organizations still have work to do for compliance, privacy is definitely on the public radar. Much as in 2017, more data breaches hit our ears, including Marriott Hotels and India's Aadhaar database. More critically however, came the news when the breach was not a breach: following the Cambridge Analytica scandal, we’re asking more about the power of the private sector and our data than before.

So what's next? What can we expect to look forward to in privacy, big data and IM over the next year? Here is Information in Bloom’s top five predictions for 2019.

Oh Facebook. You might hope the worst is over: think again. Unless the social media giant completely re-thinks its financial model and how it understands data, the company won’t be winning awards for privacy practices. We already know that Facebook is fielding complaints since the GDPR went into effect. Worse for the social media giant, the compliance complaints were made before the new insights on the corporation's data practices were leaked.

Meanwhile, privacy theorists predict that that more GDPR penalties will roll out in 2019. It makes sense: investigations will wrap up and decisions made. Combine the two, and it's difficult to predict a future where the two won't clash. Facebook, having massive public privacy scandals and a poor showing of corporate responsibility is a natural target. Conversely, if EU supervisory authorities don’t enforce the regulation, particularly against so blatant a player, the GDPR will appear toothless to everyone else. Given that Facebook attempted to appeal a $500,000 fine from the United Kingdom's Information Commissioner over Cambridge Analytica, a fine of over a billion will unquestionably be contested. Get your popcorn ready for this one.

My thanks to @hypervisible on Twitter, who brought this term to my attention. The term made a few minor headlines earlier in 2018 thanks to Patrick McMullan, COO of Three Square Market. A Wisconsin company putting computer chips in employee hands, Three Square isn't alone on this one. We know that computer implants are becoming popular in Sweden; it stands to reason as the tech evolves we'll see it more often. None of this is new: theorists have put forward the idea of the 'Internet of People' since 2017. Step into some science fiction at your local library, and the idea has unquestionably been around a lot longer; only now, it's increasingly real. How much traction it will get will depend on the benefits the technologies can bring, and individual community acceptance. If you have an interest in privacy however, it's hard not to see the Orwellian future in this one. Microchip implants may have benefits, but those benefits always come at a cost: our personal data. Although it's too early to say how widespread the practice will be worldwide, or how legal by jurisdiction, a reality of human beings tapped, tagged and tracked is happening.

One of the most under-rated scandals of 2018 was in October, with news of Amazon's attempt at integrating AI into the recruiting process. The program, which was thankfully pulled before going into use, was unquestionably sexist: pulling candidates down in ranks for the word "women's" on their resume.  The news was brushed by Amazon as a non-issue (they were not actually using it for hiring after all), but it has shed light on the dangers of thinking AI and algorithms offer clean judgements without prejudice. The reality is, an algorithm is only as bias-free as its programmer, and artificial intelligence relies heavily on unbiased data. The GDPR addresses this with Article 22 on automated individual decision-making, but that’s in Europe. Will we see similar protections for other countries, including Canada and the United States, or will computers lead to a new level of discrimination, without anyone able to see when it happens?

This is an easy one. We know the ePrivacy Directive will be finalized in 2019, and that privacy conscious countries are reworking existing legislations to 'catch up' to the GDPR. Argentina is reviewing a a new data protection bill. India has a new privacy framework, although how effective it will be against new government surveillance laws is unknown. In Canada, stronger requirements have hit for gathering consent. In California the California Consumer Privacy Act will go into force in 2020, but only if it isn't overruled by a federal regulation first. When it comes to privacy worldwide, the GDPR was only the beginning. Regardless of what country you operate in, take some time this year to check on upcoming legislations and changes that may effect your business. The privacy regulations, they are a' changing.

In 2017 the big attacks were Ransomwhere and Wannacry. In 2018 we saw an explosion of Cryptocurrency Malware, using unsuspected infected machines to pool their resources for bitcoin mining. What will be the growing attack in 2019?  Doxware? Attack by social media meme? In 2019, what new attack type will grow the most? The exact answer is difficult to discern, but most likely will be "whichever one makes the most money". What we can say with confidence is this: no technology is perfect, and hackers know this. Even the most sophisticated systems still have vulnerabilities: if there's enough prestige or financial gain someone will find a way to get in. Once an attack is successful, security pros must fix, patch or be vulnerable: hackers hustle, and there's no keeping the secret entry of a locked door hush-hush on the dark web. Don't cut that IT security budget just yet: in 2019 be ready for the next level of patches, fixes, solutions and setbacks.