Skip to content

GDPR: Is it a threat or a boon?

General Data Protection Regulation GDPR

25th May 2018 – This is the deadline for GDPR to be enforced all over the EU. As nations prepare for D-Day, there are still many issues that need to be addressed. While some look at this as a boon for citizen’s privacy, what would be the impact on personalization and the customer-centric approach which is the mantra for businesses today? How will “the right to be forgotten” and “the right to withdraw consent” affect tech giants that rely on customer data for their bread and butter?

GDPR – What it Entails

General Data Protection Regulation (GDPR) is a ruleset that “was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy.” 

The ruleset includes a detailed code of how organizations that hold customer data should ensure respect for privacy of their customers. Though this is a European Union regulation, it holds implications for any organization that collects data from, offers services and products to, or monitors the behavior of EU citizens. Technically then, this regulation has far-reaching consequences. And a hefty consequence at that, since non-compliance could mean fines of 20 million euros or 4% of your turnover!

The regulation focuses on ensuring the following Rights:

  • Right to be notified of a Data Breach – this means that customers must be made aware of any access to their information if it is a risk to their freedom and rights.
  • Right to Access – This grants every individual the right to know how and where their personal data is being used.
  • Right to be Forgotten – Through this clause, every individual can ask for all their data to be deleted and put a halt on the further distribution of their data to third parties.
  • Data Portability – This allows individuals to request for their personal data and transmit it to another controller if they so desire.

Though there are many other directions in the regulation such as Privacy by Design and the stationing of Data Protection Officers, these give us an idea of what the GDPR is focusing on. Consent seems to be the keyword and it means more than a tick in the box at the end of a legalese coated web popup.

Repercussions on the Tech Industry

Let’s start with the obvious – the technology industry’s reliance on monetized data to understand customer’s needs and come up with effective product ideas and marketing campaigns. This might hit a major roadblock with the new regulations in force.

Consider companies like Microsoft, IBM, Amazon, Google and other information sharing and cloud service providers. They have a huge stake in hosting information in data centers for other companies and will now be under close scrutiny. What will Facebook do? The right to withdraw consent and to be forgotten will also mean the loss of huge storehouses of valuable data. Moreover, the need to comply with GDPR requires systems and internal processes that need to be put firmly in place. This will be quite an expensive overhaul.  

Not All Bad News

From an individual’s perspective, there is no doubt about it – GDPR is a definite boon. The fact that there are strong measures to ensure that their data will not be misused will most likely dispel their reservations in sharing information. While GDPR will be an implementation challenge for companies worldwide, the news is not all gloomy either. This regulation and the processes that come with it will definitely aid in bridging customers’ distrust in connection to information sharing. It will ensure transparency that has always been valued by consumers and will provide a stronger basis for brand loyalty.

Organizations are rising to the challenge. I saw overwhelming evidence of this at the recent Nordic Edge Expo. I was delighted to support Bolder, a dynamic company that is working on giving back the power over their data to the customer. Instead of looking at it as a standoff between customer and client, Bolder equips organizations to empower their customers “with the gift of owning and managing their relation to your company.” As their technology partner, we are looking forward to embracing GDPR and overcoming the challenges it will bring. I would love to hear more about how your organization is bracing itself for this change.