GDPR 365 - bear-trap, burden or business opportunity?

Toni Sekinah, research analyst and reports editor, DataIQ

With just under a year to go until GDPR enforcement, an avalanche of information has fallen from data companies, leaders and experts across the world. What they said fell into four categories: warnings, opportunities, survey results and sales pitches. Here’s the pick of the bunch.

Dire warnings

Lots of emotive language was used to get editors and, in turn, the wider data industry to sit up and pay attention (although the chances of them not having done so already are slim to none). “Organisations need to know the risks they might be taking so they manage, mitigate and avoid any bear-traps lying in the data forest,” said Rosemary Smith, managing director of Opt-4, in a blog for the Institute of Direct and Digital Marketing. 

For Ashley Winton, partner at law firm Paul Hastings and chairman of the UK Data Protection Forum, it was less about catching bears and more about life and death. “In the GDPR compliance triage, an immediate focus on technology could be a lifesaver,” he said. Elsewhere, ZoneFox talked of “the starting gun having been fired,” suggesting either the bear or data practitioners might have been hit by the bullet, possibly when running away from the regulatory stick which CA Technologies chose to emphasise.

Liz Brandt, Ctrl-ShiftTo Liz Brandt, chief executive of Ctrl-Shift, it was a case of vision versus exctinction. “By acting now and thinking big, some businesses will gain significantly from GDPR. Those that don’t risk becoming tomorrow’s Blockbuster, Woolworths or Yahoo!,” she said.

Even thunder clouds have a silver lining

Many organisations see GDPR as presenting an opportunity to change the way they are perceived by the consumer. Steve Martin, data protection officer at Equifax, aimed his message at telecommunication companies, saying: “It brings the opportunity to improve the public’s understanding of how their information is used and kept safe.”

Brandt encouraged marketers to change their perspective. “It does not have to be a burden, but instead can be an opportunity. It enables businesses to totally reframe their consumer relationships, build trust and deliver more valuable services,” she said.

With specific reference to financial services companies, Gé Drossaert, chief commercial offer of online bank Fidor, said: “GDPR creates a significant opportunity for banks to become more transparent in their business practices, which can only enhance trust levels with their customers.”

A survey says…

Numerous studies had been commissioned in the run-up to the one-year mark, canvassing the opinions of IT professionals, companies and consumers. The findings were sobering. One survey seems to the suggest that the UK is in a dire situation in comparison with other countries. Security software provider WinMagic’s survey of 500 IT professionals in the US, UK, France and Germany found that only 37% in the UK were completely confident that they could report a breach within 72 hours of discovery. This compares to a global average of 52%. It also uncovered that only 46% of companies globally - and just 27% in the UK - were completely confident that they could easily identify the data obtained in a breach.

Compuware’s survey of 400 chief information officers found that only 19% in the UK have a detailed plan in place for how they will comply with GDPR. This is a marginal improvement on the 18% from last year, but still far behind the global average figure of 38%.

Blancco Technology claimed that 43% of British organisations in its survey don’t plan to start a data protection gap analysis until the second half of 2017. It also found that one quarter of British companies only employ basic deletion methods and one third use free wiping solutions.

In a survey by RSA of 2,045 UK consumers, only 15% had heard of GDPR although 76% had heard of the UK Data Protection Act. Over half (53%) believe that the fines proposed under the GDPR are fair and 28% say they have chosen to boycott companies that mishandle data, opting for more secure alternatives.

And some people just want to sell stuff

3M sounded a warning about the danger of “visual hacking”. This is the nefarious act of snooping over someone else’s shoulder to see their laptop, tablet or smartphone screen. Fortunately, you can fit a 3M Privacy Filter to avoid this problem completely.

As you might expect, The IDM highlighted its regular face-to-face training courses for marketers, while Sue MacLure, head of data at customer engagement agency PSONA, was just “keen on discussing how best to prepare for the new regulations, the use and storage of data, etc,”, which seems pleasantly open-minded of her.

Everyone within the data world seems to have a view on the issues and 25th May gave them all an opportunity to join the discussion. But the question remains, how much of this chatter is being heard outside of the data echo chamber?

 

Related articles: Why has UK plc had enough of GDPR experts?