Mar 22, 2018
by Mike Benns - Managing Director
If you haven't heard about GDPR yet then where on earth have you been!!?
The General Data Protection Regulation is the EU initiative designed to make the collection, storage, transfer and usage of personal data much cleaner, simpler, safer and fairer for consumers. It's due to come into force on 25th May and before you ask... it is totally unaffected by Brexit.
Whilst I am delighted about GDPR from a consumer's point of view, it is causing a few headaches for businesses. As an agency that runs consumer promotions for FMCG brands, we collect and hold hundreds of thousands of records containing personal data although, thank goodness, nothing that is regarded under GDPR as 'sensitive' data such as sexual preference, ethnicity, religion etc. No, our data usually just stretches to names, email and postal addresses. If we did collect sensitive data then another whole load of restrictions are put upon us... but as I say, all in all, GDPR is a good thing as it is purely giving more concrete rules and regulations around the processes that we already use.
For data collected online, there will be no more pre-ticked boxes and all opt ins must be a positive action, i.e. 'tick here if you want to hear from us', not 'tick here if you don't want to hear from us'. I must admit I am looking forward to the (hopeful!) drop off of unsolicited email and spam. Also for the storage and transfer of data, systems have to be made completely secure (not that our's aren't already!). No more sending personal data of consumers off in an email... they must be contained in a secure passworded file and then the password must be tansmitted via an alternative route (text or over the phone).
The exasperation expressed in the title of this artcle is more to do with the hype around the implementation of GDPR. There are plenty of 'chancers' looking to make a quick buck and frighten corporations over the implications especially when you consider the penalties which can be fines of 4% of global turnover or €20m whichever is the greatest.. a sobering thought for ASDA who as part of the Walmart empire could be fined up to $20 billion!! The hype reminds me of the millennium bug when the doomsayers were making hay convincing us that whole hosts of computers would pack up at the stroke of midnight on 31st December 1999. Guess what..? It didn't happen and I don't believe for one second that any business that takes data seriously and implements the GDPR principles consistently and conscientiously will be penalised.
The Data Commissioner at the ICO, Elizabeth Denham, has got far bigger fish to fry, expecially when one considers the recent controversy with FaceBook and Cambridge Analytica, a true indication that corporations have been far too blasé with personal data in the past.
Let's hope that the morning of the 26th May is fine and sunny and we all wake in the knowledge that our data is a little more secure than it was before.
If you found this article interesting then please click here to subscribe to our monthly newsletter.