European Union’s long-awaited GDPR privacy laws now in force
Joao Sousa, Partner, Head of Technology Practice, global telecoms, media and digital advisory and investment firm, Delta Partners, discusses the impact on the TMD industry.
For weeks now, inboxes have been flooded with a bizarre ensemble of companies and organizations reminding people of personal data and asking them to agree on new terms of services.
Enter the new year of data protection: the European Union’s General Data Protection Regulation (GDPR) is now here and will revolutionize how our personal information is farmed and managed.
Businesses, large and small, have had at least two years to prepare for seismic changes to the laws that govern consumers’ rights over data and the day of reckoning is finally here.
People are aware of Data privacy
The GDPR has underscored how fundamentally and increasingly complex it is to navigate the digital world.
Never before have we seen the issue of data privacy and protection receive such public scrutiny.
Some of the world’s largest companies have careened from one cataclysmic data breach to another and Facebook’s recent issues ensured GDPR went viral.
So when it comes to data privacy, consumers are naturally becoming wary and the EU is flexing its collective muscle in response.
Discussions have focused on the do’s and don’ts of the legislation and how its ramifications will be most significant in industries where data is essentially the currency on which it operates.
While its main thrust is to enhance citizens’ rights by strengthening the obligations on those who use personal data, the impact of stronger data protection laws will be considerable for telecoms, media and digital industries.
As a fiercely competitive industry where data is king, if customers lose trust in an organization’s ability to protect their data, they can, and will, find other providers.
A need for compliance
There’s also the financial cost of failing to get the GDPR, which are pegged at 4% of global revenue.
With such penalties, potential data breaches are a concern for any boardroom at a major company.
The GDPR introduces mandatory reporting requirements, bringing new elements of risk, such as reputational damage and class action lawsuits.
For example, it is now easier for traditional media and social media to publicise failings, so tech and digital companies must be prepared for stark, judgemental glare of media and customer scrutiny if they breach the GDPR.
Tech companies should have spent the past two years preparing for this law by hiring a data protection officers and ensuring they are able to report data breaches within 72 hours and, generally because data protection is only going to become stronger.
Already, there are plans by the EU to supersede the GDPR with even stricter privacy laws for platforms with its e-Privacy proposal.
This will add teeth to the laws governing data privacy, creating greater requirements for businesses to follow.
Some have argued that there is no need for further regulation as the GDPR already regulates the use of personal data, however, ePrivacy Regulation would apply to all electronic communications data – whether personal or not – and introduces a more rigorous consent standard.
Providing a competitive advantage
There’s little doubt the data landscape is becoming more regulated and ultimately the GDPR is good for consumer protection.
However, this doesn’t mean the GDPR can’t be a boon for the tech and digital sectors too.
Rather than seeing it as yet another compliance burden, it should be viewed by industry as a way to adapt to the digital world.
There are advantages to its implementation as companies now will be able to:
– Review their data management practices and make bold decisions to remain competitive;
– Provide transparency to consumers and engage them in the data protection process;
– Enhance brand loyalty and advocacy at a time when retaining customer trust has never been so important; and
– Implement risk management on a proactive basis to minimize potential financial loss
The focus on consumers can also bring other benefits too. The troves of data that the telecoms sector has can be further harnessed so that it delivers more value to citizens.
For example, companies can analyze data to understand consumers use services and then offering them products that they actually want and improve their experience.
The compliance burden is a headache and may have kept CEOs awake at night, but now that the new rules prioritize consumers, there’s an opportunity for companies to benefit from the data economy.
This will help keep the tech sector, whether its established telcos or smaller digital startups, competitive and encourage them to unlock unexpected value.
In a complex and accelerating digital world, keeping this in mind will mean big wins for consumers and companies.