The implementation of the General Data Protection Regulations in May 2018 has brought the data industry into sharp focus. The hyper-connectivity of people, businesses and organisations domestically and globally over the internet and mobile technology means that the global economy is fast transforming into a digital economy and conventional notions of how businesses are structured are being challenged. Data on consumer behaviours across domestic and global markets has become the central driver of business strategy. Consequently, the data professional has become a critical function.
Data is one of those areas that requires both a depth and a breadth of knowledge and understanding across technology, regulation and business needs. Learn about how technologies drive the digital economy and underpin data analytics. Learn how that fits within a wider corporate strategy and their longer term impact on industry domestically and globally.
The biggest surprise with the implementation of GDPR was the level of panic and activity in the market leading up to 25th May 2018, especially given the four years’ prior notice. Although the large majority of businesses were dealing with traditional data processing, the greatest unknown was the impact on the ad-tech industry and digital services. The interplay of technologies for tracking and monitoring behaviours required to deliver services that consumers have come to expect and take for granted has spawned an extremely complex eco-system. Businesses used the opportunity to renegotiate commercial deals, beyond merely GDPR. Tech companies and data intermediaries were and are aggressively wrestling for power over data.
GDPR shone the spotlight on the commoditisation of data. The risk of a no-deal Brexit has highlighted the dependence of UK businesses (among others) on cross-border dataflows, in particular for the digital economy, to which the expansion of the definition of personal data to include personal identifiers has had the most severe impact. Like most other types of business in the UK, there will be a period of uncertainty. The new ePrivacy Regulations will continue to be debated and delayed, while regulators try to gain an understanding of the complexity of the eco-system.
My area is data protection and data compliance. It is always challenging to find people with both a deep of understanding of the regulatory requirements, and the analytical ability to apply this to the business. There is a tendency to cite laws and regulations blindly without analysing the particular facts and how those laws or regulations would impact a particular situation. There is a lack of understanding as to what “privacy by design” means in terms of how a business should operate. There seems to be an over-focus on creating paper trails without practical solutions. The only way to deal with this is through training and education.
GDPR has forced organisations dealing with data get their house into order. With that, governments and regulators are also starting to look at market dominant players and the wider abuse of personal data and breach of privacy. It will be a real challenge, but the regulators now have more power to bring companies to account for those abuses.