GDPR News Center News for 10-14-2018

No one’s ready for GDPR

The General Data Protection Regulation will go into effect on May 25th, and no one is ready – not the companies and not even the regulators. In today’s meeting with the European Parliament, Mark Zuckerberg said Facebook would be GDPR compliant by the deadline, but if so, the company would be in the minority. When broken down by industry, 60 percent of tech companies said they weren’t ready. GDPR is an ambitious set of rules spanning from requirements to notify regulators about data breaches to transparency for users about what data is being collected and why. Perhaps the GDPR requirement that has everyone tearing their hair out the most is the data subject access request. 

A year ago, 61 percent of companies had not even started GDPR implementation. It’s not a pleasant position to be in, because GDPR can allow regulators to fine companies up to 4 percent of their global revenue for violations of GDPR. To put that in perspective, a 4 percent fine on Amazon would be $7 billion. Because much of GDPR is ambiguous, how it will work in practice is up to what regulators do with it. Another GDPR provision that might strain regulatory resources is the data breach notification requirement. 

Regulators may not be ready to audit a company’s security or figure out exactly what to do to protect EU residents affected by the breach. GDPR is only supposed to apply to the EU and EU residents, but because so many companies do business in Europe, the American technology industry is scrambling to become GDPR compliant. The breach notification requirement, especially, is more stringent than anything in the US. The hope is that as companies and regulatory bodies settle into the flow of things, the heightened privacy protections of GDPR will become business as usual. 

Keywords: [“company”,”GDPR”,”Data”]
Source: https://www.theverge.com/2018/5/22/17378688/gdpr-general-data-protection-regulation-eu

No one’s ready for GDPR

The General Data Protection Regulation will go into effect on May 25th, and no one is ready – not the companies and not even the regulators. In today’s meeting with the European Parliament, Mark Zuckerberg said Facebook would be GDPR compliant by the deadline, but if so, the company would be in the minority. When broken down by industry, 60 percent of tech companies said they weren’t ready. GDPR is an ambitious set of rules spanning from requirements to notify regulators about data breaches to transparency for users about what data is being collected and why. Perhaps the GDPR requirement that has everyone tearing their hair out the most is the data subject access request. 

A year ago, 61 percent of companies had not even started GDPR implementation. It’s not a pleasant position to be in, because GDPR can allow regulators to fine companies up to 4 percent of their global revenue for violations of GDPR. To put that in perspective, a 4 percent fine on Amazon would be $7 billion. Because much of GDPR is ambiguous, how it will work in practice is up to what regulators do with it. Another GDPR provision that might strain regulatory resources is the data breach notification requirement. 

Regulators may not be ready to audit a company’s security or figure out exactly what to do to protect EU residents affected by the breach. GDPR is only supposed to apply to the EU and EU residents, but because so many companies do business in Europe, the American technology industry is scrambling to become GDPR compliant. The breach notification requirement, especially, is more stringent than anything in the US. The hope is that as companies and regulatory bodies settle into the flow of things, the heightened privacy protections of GDPR will become business as usual. 

Keywords: [“company”,”GDPR”,”Data”]
Source: https://www.theverge.com/2018/5/22/17378688/gdpr-general-data-protection-regulation-eu

How marketers are navigating GDPR compliance creatively

With GDPR finally enforced, marketers are now legally bound to handle, process and store personal data much more securely and transparently. Interestingly, GDPR has led to a cultural split in businesses. Marketo published a report revealing that GDPR has produced two ‘tribes’. On the other hand, there’s legal-first, which is the group of senders who have focused almost exclusively on the process and compliance aspects of GDPR, without considering the opportunity it presents. For marketing-first senders GDPR provided an opportunity to refresh consent using a variety of engaging approaches, capturing consumer attention and imagination, while also achieving/maintaining compliance with the new requirements. 

Teaching customers GDPR. Another way marketers have engaged with consumers is by presenting GDPR as a customer service benefit. By providing this compliance information in a clear and concise way, marketers have created interest in GDPR by presenting the new laws through a positive lens. Lloyds Bank took this opportunity to educate its email subscribers, setting out the parameters and requirements of the GDPR in layman’s terms that were easy for the audience to understand. As previously mentioned, GDPR is also challenging data controllers to be clear and concise. 

Although GDPR is a serious topic, it doesn’t mean senders suddenly need to adopt a stoic tone – the messages can still be conveyed in a way their subscribers know – and even expect – of their brand, and this will have an impact on success. GDPR is clear that consent must be freely given, and data controllers should avoid making consent a precondition of a service. Take a look at all Econsultancy’s GDPR resources, including a guide for marketers and online and face-to-face training courses. 

Keywords: [“GDPR”,”customer”,”data”]
Source: https://econsultancy.com/how-marketers-are-navigating-gdpr-compliance-creatively/

Leave a Reply

Your email address will not be published. Required fields are marked *