GDPR compliance will bring a business mental shift in 2019 – specifically, the impact on the perception of data as a commodity
The European Union’s new General Data Protection Regulation is a massive expansion of the scope of data protection and restrictions on the use of personal information. The restrictions, alas, are not geographic: You, your company and your clients may not be in the EU, but if you do business in any of its member states, or count any of its 500 million citizens as a customer, you’re likely to be as subject to GDPR’s 99 articles as if you were sitting in Brussels itself. And those 99 articles cover a frightening range of topics, from collecting to holding to processing to transferring to overseeing to safeguarding the data you have about those citizens. With potential consequences: Fines of up to 4% of annual global revenues or turnover.
Whose data Is it?
GDPR itself has been built upon the notion that ‘everyone has the right to protection of personal data.’ While this principle has been around for decades, it has extra resonance in society today.
At present, scrutiny of business’ handling of personal data has gone mainstream, and discussions around what uses of this personal data may-or-may-not constitute a violation of customers’ privacy are no longer just the province of privacy lawyers and advocates.
This is because – now more than ever – people are waking up to how businesses are treating their personal data as an asset – an asset that people are increasingly viewing as belonging to them, the individual. And, so, they want the right to decide and dictate when and how this asset is used, and they want it protected.
In fact, SAP and Arlington Research’s 2017 report has revealed that over two-thirds of consumers do not trust brands to handle their personal data appropriately. Conversely, a similar percentage of individuals consider it their own responsibility to safeguard and manage their personal data.
This dynamic demonstrates just how true-to-life GDPR’s core sentiment is. The idea that people’s data should be safeguarded as a personal asset belonging to the individual is far more than an ideal, it is becoming the expectation for the average consumer.