Why GDPR is good for Business and Citizens13 Oct 2017
The world where business’ have a free for all over personal data is changing. Why though is the change occurring? The first reason is the new data protection regulation. GDPR. I do not congratulate legislators often, but this is actually good legislation.
Don’t Panic. Life is Good
GDPR is good for us as citizens as we now have more control and can now start to earn real benefits from our personal data. Plus it is good for society as something with economic value (our personal data) will now attract the right type of investment, which means we as customers/users/citizens benefit. All those in business are still someone’s customer.
Not all about legitimate interest
The legal community (and to some degree the ICO too) are backing the use of legitimate interest as the firmest base for processing personal data when consent has not been secured. In many circumstances this is right. However, GDPR is also about transparency, so even with legitimate interest the data controller still has to clearly explain what data is being used for. Therefore, an opportunity exists to be more transparent in the use of personal data. Perhaps now we can start a trend that will also see the demise of terms and conditions full of legalese that no one reads!
Good for Business Too
This new regulation is good for business too. Firstly, all personal data being processed must have purpose. Data without a purpose is a burden. An imperative and the capability should now exist as a result of GDPR to exorcise this deadweight data. Additionally, having the consent to process someone’s personal data is an example of trust. Improved trust in the brand will improve sales and customer satisfaction. Plus, the cross organisation discipline that GDPR demands will improve the bottom line by saving money and reducing risk. Especially with regard removing data without a purpose.
Key with GDPR is Protection
The key word though with GDPR is Protection. The responsibility is now on business and organisations acting as data controllers or processors to know what personal data they are processing and why. Ensuring this data is suitably protected as well as being responsible guardians of this personal data when using it. It is the new process’ and change in how an organisations staff use personal data that will see the biggest changes.
This will require a shift in mindset across lines of business where they interact with personal data. Be it personal data in HR, or customer data in Marketing, Billing, Operations and Customer support. The key though is having a Privacy Impact Assessment (PIA) completed. The next step is to ensure that the fixes identified include people and process aspects as well as a little investment in some technology.
CFO opening the wallet
GDPR is a good time to prise open the CFO’s wallet so that a series of targeted yet joined up investments across the organisation will realise a more fit for purpose outfit post 25th May 2018. Marketing need to justify personal data ownership and encourage a personal service offering, which will require a response from operations and customer support. All parts of the organisation will be impacted, but look at it strategically and the benefits will outweigh the costs. Take advantage of this imperative to act. Your competitors will if you don’t.
Rise of the the Experience
The second reason is humanities growing desire to have an ‘Experience’. Simply purchasing and owning something is now no longer viewed as a must have. The life you lead is more important. As can be seen by the way we are constantly telling the world what we are doing via our social media feeds. But in some respects this is still our data we are choosing to share.
Sustainability and Sharing
Added to a growing realisation that a more sustainable approach is better for the planet. Allied to technology enabling ‘things’ to be easily shared means that owning stuff is no longer necessary. Sharing is both good for the wallet and good for the planet. Plus it leaves more income to spend on the ‘Experience’.
Which from a retailers perspective they are handling a double whammy. Shopping, will become ever more dominated by web based purchasing, therefore to differentiate and to attract footfall the shopping centre now has to provide an ‘Experience’. Customers will demand a great day out, irrespective of anything being purchased. It is what you saw and did, as well as who else was there and how did you share the ‘Experience’. Then you buy online.
Another way to differentiate in the retail and hospitality space for example is to provide that really bespoke personal service. From the moment the customer decides to visit to their return home the ‘Experience’ is magic. Everything from transport, through to meal reservations and the after dinner show were delivered like clockwork and all the favourite things were laid on as if by magic. Every customer will be treated like a rock star. Minus the tantrums.
Shift to Personal
So the shift to personal service delivery is now gaining momentum. Some are already cashing in on their brand value. With Personal Information Managers such as Meeco & Digi.me encouraging the creation of the view of You as the Data Controller. All this points to a new trend in how personal data can and should be exploited. That is, enshrine Privacy-by-design and be transparent in request for personal data; build/reinforce trust and reward users with awesome services.
Surveillance Culture Undermined
The third reason is societies growing wariness of digital intrusion and tracking. A desire to check out of the constant scrutiny. Why does the internet have to be so invasive? Yet at the same time why cannot a retailer know that I have made the purchase and I was happy. But the constant pop-ups are making me re-think a next purchase. So out of spite it will go to a competitor, even if I end up paying more. Yes deploy ad-blockers but surely we can be smarter here. After all, we are being tracked.
What is missing?
What this then needs is a way of bringing together seamlessly the capture of consent from a user. Then a way of sharing this consent statement with those that need to know. But does this give users real control? Sort of. Depends how the consent was captured. Is it timely? Was it transparent? Was it unambiguous?
Plus it needs ownership and leadership that spans the organisation. Backed up by new tools, process and approach. A good place to start is to engage some experts.
KnowNow have developed a new service called Consentua that takes the strain out of capturing the consent from users to process their personal data. The service gives users choice and control over their personal data. It is transparent, unambiguous and very flexible.
Comprised of two parts a secure API and a widget. The widget seamlessly deploys into your code and then simply and transparently informs and asks your users for their consent. The API requires a user specific token so as to grant access to your very own bespoke consent service.
Consentua is designed to be fully in your control, offering maximum flexibility but low impact in terms of integration. With minimal effort to set up and test. Multi language support and real time changes to the consent service are available out of the box. The business can evolve the service offering versus the personal data requested over time as Consentua can adapt very quickly and easily to this change.
Who is it good for?
The service is suitable for organisations that want to have a transparent engagement with their customers; or perhaps a business that requires a consent receipt to be shared across multiple parties internally or externally; or where a global business wants a single method of consent capture but local language deployments. Then Consentua is a great fit.
Price is Right
The service is available now priced from $99 for SME’s through to $8999 for Large Enterprises.
For more information go to www.consentua.com Now all of us users are in control.
Thanks for reading, Chris
Chris Cooper is CTO of Consentua and co-founder of KnowNow Information.