As the world accrues more information, the internet age is quickly transforming into the data age. More data has been generated in the past two years than in all of human history. For brands, that torrent of information comes with new challenges and opportunities.
One of the most exciting milestones of the data age has arrived. It’s a new European Union standard that will have globally reaching effects: the General Data Protection Regulation (GDPR). Adopted in April 2016, it begins its transition to full application in May 2018, when it will ensure a new era in consumer data privacy and control.
Data protection regulation isn’t exactly new. The GDPR’s predecessor, 1995’s Data Protection Directive, will have completed its 23-year service to EU citizens when the GDPR is implemented. But 23 years is an eon in the IT world. It’s not surprising that legislation that was crafted when desktops ran Windows 95 and eBay was a start-up no longer meets present needs. (Many current users weren’t even born!)
Instead, GDPR will address today’s data privacy and control needs far more comprehensively. New regulations include data subject consent, data anonymity, breach notification, trans-border data transfers, and the appointment of data protection officers. GDPR applies if either the data controller/processor - such as Google - or person whose data is collected is based in the EU. In that sense, it has ramifications for any global company servicing Europe’s more than 740 million inhabitants.
And GDPR will enforce compliance by data controllers and processors with authority to impose hefty fines: up to 4% of worldwide turnover. With compliance becoming mandatory on 25th May 2018, companies only have just over 13 months to prepare. That requires major operational reforms.
A new era means a new opportunity
For brands, these changes pose a great opportunity to cultivate consumer trust and confidence. Those who do it best will win big in market share and brand loyalty. That requires understanding the consumer’s perspective on data privacy concerns. So it’s vital to present the GDPR’s principles into your data-gathering engagements in clear, sensible language, not just yesterday’s perfunctory checkboxes for the consumer’s consent, but the plain language of engaged consumer understanding.
These engagements need to be precise and, above all, designed to protect the consumer. To execute well in a world of ad blockers and unsubscribe buttons, brands need to get creative. But that’s what they do best, right? As UK Information Commissioner Elizabeth Denham put it, “it’s not privacy or innovation - it’s privacy and innovation.”
The payoff? Respecting your customer base through good use of this new privacy framework will greatly enhance consumer trust, respect, and confidence.
Leading the way and reaping the benefits
GDPR is all about putting control in the hands of consumers, but most consumers don’t know that yet. Many haven’t heard of it, let alone their newly-enhanced rights to privacy or even compensation. And that represents a once-in-a-generation business opportunity to re-engage audiences before consumers take the lead. Brands can drive these interactions in a way that lets both parties win.
What will consumers want in the GDPR era? Besides systems that are responsive to their requests and grant them control over their data and how it’s shared, consumers will soon enough learn of - and demand - the basic rights the GDPR grants them:
Coming late to this party won’t inspire the trust that drives brand success. Brands need to understand these concerns and establish trust and confidence early (meaning now).
5 steps toward GDPR compliance and enhanced consumer trust
Let’s review five actions brands can take to align with the GDPR, looking at the Regulation as a chance to strengthen consumer trust and engagement. Don’t panic! GDPR means business, but your team shouldn’t be in a frenzy. There’s still time to bring your company into compliance with the new Regulation and effectively engage consumers. This should be seen as a business opportunity, not a disabler. Putting your efforts into place now saves you from panicking later.
Brands still have plenty of time to prepare for GDPR compliance and improve their consumers’ experience, but they need to begin now if they’re going to make their data processes both compliant and engaging.