There has been buzz this year about recent regulatory changes in data privacy including the GDPR in the EU and the California Consumer Privacy Act. Companies need to know about these changes to understand the impact on how they handle consumer data and the implications of not complying with the new regulations.
What is the GDPR and Why Does it Matter
The GDPR grants EU citizens explicit power over their information and the right to decide what companies keep, how it is used, and whom it can be shared with. It also grants the right for EU citizens to take their information back (and in essence removed from a company’s servers). What this means:
The GDPR grants EU citizens explicit power over their information and the right to decide what companies keep, how it is used, and whom it can be shared with. It also grants the right for EU citizens to take their information back (and in essence removed from a company’s servers). What this means:
More Control for Consumers
The GDPR is not just about protecting privacy. It is about shifting control of personal information into the hands of consumers and away from businesses. The intent is clear; consumers should have control over their personal data, not corporations.
The GDPR requires (massive) changes to systems. Especially niche ones that specialize in consumer data and analytics. Entire industries may vanish and new ones are already emerging. The impact of the requirements, and how they are enforced, affects technology as it is now, and how it is developed including impact and development of AI, machine learning, and other emerging marketing technologies.
More Regulations for Corporations
Organizations impacted by the GDPR, will now have to demonstrate compliance in new areas, including audit trails for how data is acquired and consent was earned. The costs associated with this are not inconsequential.
More Ambiguity
GDPR compliance requires that individuals be able to opt out of being subject to automatic decision making, which already includes the use of cookies on websites, but can also mean personalized marketing. Further, individuals must also give consent to their information being processed. While it is uncertain how the inevitable lawsuits and regulatory challenges will shape these areas, what is clear is that the GDPR was designed to force change. This means that EU citizens can say no to being part of marketing automation, and no to their information being augmented by third party services. Both common practices currently.
Consumers will be given an off-switch for their data and that changes the game. Corporations need to understand what they should be doing today to address the impact of these recent regulatory changes.
Learn more by downloading this Understanding Data Privacy Laws & How They Impact Your Business white paper (PDF) from Husch Blackwell. The white paper covers what companies need to know about the data privacy and the GDPR including cyber-statistics, regulatory challenges and compliance solutions.