Modern life is lived online.
Whereas ten years ago we may have had a MySpace profile here, an MSN chat account there, today our digital world is an all-encompassing extension of our physical lives. The Internet is home to some of our most sensitive data, from the state of our bodies to the political thoughts in our heads. This brings a need for regulation, a guarantee that we control our digital identities and retain our privacy.
In this context, General Data Protection Regulation (GDPR) is a welcome first step in creating an environment fit for the digital age. Due to come into force in just under a year’s time, this regulation will give consumers the ability to manage who has their data and what they do with it. As individuals, we should be delighted by this.
Yet many businesses are less than enthusiastic, treating GDPR as another red tape burden. Too many companies are sinking huge sums of money into just becoming compliant, while many others are ignoring the looming regulation altogether.
This is a missed opportunity. GDPR is a chance for businesses to sail ahead of competitors – to become their industry’s Netflix and leave rivals in the Blockbuster Bargain Bin. It is also a significant opportunity for the UK economy to become more creative and productive.
GDPR hinges on trust and consent, with individuals able to withdraw their consent for a business to use their data. This makes trust an invaluable asset, since a consumer is only likely to give consent to a company that they trust. Businesses that earn this will have far more data than lesser-trusted rivals, giving them a massive competitive advantage.
Earning trust is not easy. It requires that a business acts ethically, something which is more than a PR exercise. There must be a company-wide commitment to doing the ‘right thing’ with personal information. Companies that only pretend to do so tend to get found out and suffer from a backlash and potentially a permanent loss of customer trust.
In addition, GDPR creates an environment that places a premium on the development of new customer experience and products that benefit the consumer, ones that incentivise consent. A house buyer faced with mountains of forms could be saved from hours of bureaucracy if a service used their data intelligently and streamlined the process. Such a service would require consent and, so long as the provider is trusted, is likely to receive it since there is an obvious benefit to the consumer.
It is not too hard to imagine a future in which a car is able to pre-emptively stop before its driver suffers an epileptic fit, because it has access to a driver’s biometric data. This is a world in which data actively saves lives, one where consumers and businesses benefit from a more intelligent data economy.
Prior to GDPR, business has been lazy and short-sighted in how it uses data. It was mainly collected and then used for advertising, often data was sold to third parties. This practice will continue in markets that lack regulation.
America recently rolled back data regulation introduced by the Federal Communication Commission which limited the collecting and selling of data. This repeal of regulation sets the USA on the wrong course, the country will be at a significant disadvantage if its businesses remain lazy in their data use while British and European rivals become more creative thanks to regulation. Not only will this harm American business, but American customers will lose out on privacy and access to market-leading services.
To create a strong market based on trusted data sharing you need strong legislation and regulation
GDPR is a boon for the UK and an invaluable step towards protecting individuals in the data age. Yes, it is a challenge for business. However those who look at is as an opportunity, rather than a layer of red tape, stand to earn huge levels of trust from consumers and can create massive value for themselves and their customer base. Businesses need to be creative and, perhaps most importantly, begin acting now.
Read more: GDPR: Winning the Battle for Consumer Data