Startup Observer.com
  • Home
  • Industries
  • Innovation
  • outsourcing
  • Business
  • Finance
  • Headlines
  • Opinion
  • News
Home Business Three Years Later: GDPR is All Talk and No Action
Business

Three Years Later: GDPR is All Talk and No Action

by wrich July 9, 2021
July 9, 2021
gawdo

The General Data Protection Regulation (GDPR) was introduced on May 25th 2018. This legislation focuses on data protection and privacy across the European Union (EU) and European Economic Area (EEA), while addressing the transfer of personal data outside of the EU and EEA, and aims to provide citizens with more control over their information.

However, three years into a post-GDPR world, the regulation remains all talk, no action – and isn’t quite meeting its objective effectively. Although we have witnessed the likes of British Airways, H&M and the Marriott hotel chain suffer heavy fines of up to £32.1m for their data protection failings, even the latest potential fine on Amazon cannot mask that GDPR still lacks the necessary funding and structure to make it more than an incipient – supposedly hard-hitting – concept.

A big part of the problem is due to the self-regulative – ‘honesty-policy’ – nature of the legislation. It is typically up to individual organisations to record and communicate their own offences and infringements to the Information Commissioner’s Office (ICO), who then enforce the regulation.

Which entity is responsible for inspecting whether a business is actually still GDPR compliant three years later? Who is in charge of validating GDPR compliance? Further, how effective  – as well as  official – is self-regulation in ensuring organisations are co-operating? Russell Loarridge, Director UK, ReachFive argues that Martech and retail technology providers have a greater role to play in GDPR compliance.

Consumers crave reassurance that data is GDPR compliant
Where is the GDPR equivalent standard that proves that organisations are certified as “compliant”?

A GDPR kitemark would solve this problem and offer customers reassurance from brands, and retailers, that their data is being stored and used in a way that is genuinely GDPR-compliant and ethical.

Typically, important legislation, similar to GDPR, comes with a need to meet specific prerequisites in order to certify standards are met. Once it has been proven that these are adhered to, certification usually results in the option for organisations to use a kitemark of sorts as a way of demonstrating compliance has been achieved. Good examples of this in action can be seen from the likes of the BSI or the various ISO standards.

Cookie request immunity – click ‘Accept All’
Is anyone else bored with accepting cookies on every site and every click through on mobile, whilst still not knowing why the site needs that information?

As a ‘form’ of GDPR consent, many businesses often encourage the public to accept cookies when using apps and visiting websites. Is this really acceptable in the eyes of today’s consumer? To the majority of people, cookie requests have become the norm, a boring overhead to using the web.  Users find themselves clicking ‘Accept All’ for convenience in order to reach the online content they were looking for as quickly as they can.

In addition to this, through the pandemic, we witnessed an accelerated change in consumer behaviour. Lockdown restrictions forced people to stay at home and consume media online. This included an influx of film and game consumption, as well as an increase in e-commerce. A new study by Ofcom found that UK adults are now spending more than a quarter of their waking day online – the highest on record. This digital transition demonstrates how more and more data continues to shift online at pace.  This drives a heightened risk for data privacy breaches to take place.

As people spend more time online and share data, this is where a GDPR kitemark could help reassure consumers about where to spend their time or money safely. Furthermore,  the industry could benefit from defining the status of compliance achievement, in a similar way to how PCI DSS compliance is defined. What if organisations could confirm whether they are Bronze, Silver, or Gold GDPR compliant? This will help relieve worries experienced by some consumers and, indeed, help  organisations demonstrate that they are treating customer data with the privacy it deserves.

Consumer demand drives more to be done by tech firms though
Not long after GDPR’s three-year anniversary, at Apple’s recent developer conference, it announced new features that will help users control and monitor apps’ use of their data.

Driven by consumer demand, this is a good move by Apple – we expect the idea of ‘privacy’ to become a competitive differentiator for the tech giant and other ‘copycat’ firms down the line. We anticipate more brands to follow suit as they strive to demonstrate data privacy and GDPR compliance. Within today’s data-driven landscape, people will start to take more of an interest in how their personal data is used too. This is where Martech and retail technology vendors have a critical leading role to play.

As organisations seek to achieve GDPR compliance and data privacy best practice, they need to assess whether they are collecting and storing customer data ethically. For some, this might mean completely re-engineering how they engage with customers at an ‘identity’ level. This is where customer identity and access management (CIAM) technology can help. For ecommerce brands, this is especially crucial to review too – many mistakenly think that their e-commerce engines provide some form of identity management; when, in fact, they don’t.  Further, since there is no kitemark for GDPR yet, a combination of tools, like CIAM, can help firms manage customer identity (and data) effectively and transparently, and support their growing business under the best practice outlined by GDPR.

All of this can help build trust with consumers that personal data is not abused – but, equally, that it will be used to drive relevant and personalised marketing that truly benefits consumers.

Conclusion
What has GDPR taught us over the past three years? Arguably, not a lot.

The current state of GDPR in 2021 consists of self-regulation, a lack of an industry kitemark, as well as an absence in enforcement. For a legislation as important as one that protects the public’s data, more needs to be done to provide confidence to consumers that their information is being respected by the rules set out by GDPR’s regulatory requirements – but, equally, that brands, or retailers, don’t just superficially try to meet these requirements. Instead, ethical data management and privacy should ideally underpin their character, customer relationships and GDPR efforts long-term.

www.gawdo.com
Share on FacebookShare on TwitterShare on Linkedin
0 FacebookTwitterPinterestEmail
previous post
Brand Strategy Tactics for an Online Learning Platform
next post
Lux Afrique Polo Day Announces Exciting Return of Europe’s Premier African Polo Event

You may also like

Celonis and EcoVadis outline sustainable procurement partnership 

June 27, 2022

How can retailers launch an effective marketplace platform?

June 24, 2022

Check Point Software Opens New London City Office...

June 24, 2022
Editorial & Advertiser disclosureEditorial & Advertiser disclosureOur website provides you with information, news, press releases, Opinion and advertorials on various financial products and services. This is not to be considered as financial advice and should be considered only for information purposes. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third party websites, affiliate sales networks, and may link to our advertising partners websites. Though we are tied up with various advertising and affiliate networks, this does not affect our analysis or opinion. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you, or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish sponsored articles or links, you may consider all articles or links hosted on our site as a partner endorsed link.
gawdo.com
https://www.gawdo.com
  • About us
  • Advertising & Terms of Use
  • Contact Us
  • Privacy Policy

@2021 - All Right Reserved.


Back To Top
Startup Observer.com
  • Home
  • Industries
  • Innovation
  • outsourcing
  • Business
  • Finance
  • Headlines
  • Opinion
  • News
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
Cookie SettingsAccept All
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT