It’s the acronym that’s taken the business world by storm: GDPR, or the General Data Protection Regulation. The European policy will be implemented this Friday, and its stipulations have already affected how businesses of all sizes and functions around the world collect data. In short, GDPR gives more control over personally identifiable information (PII) back to consumers in the EU, which has both brands and agencies apprehensive about the future of targeted advertising.
Even with an overwhelming number of articles offering a guide to GDPR, the law’s implications can still seem intangible. With this in mind, we sought to understand how GDPR will affect business/consumer relationships. Let’s take a closer look.
In an age riddled with data-related scandals, GDPR puts the proverbial steering wheel into the hands of consumers. Want to know how Facebook is using your data? You got it. Tired of being targeted by that retail brand whose site you only visited once? Consider yourself forgotten. With the new privacy law in place, consumers have the right to access their PII that’s being used (and see how), and have the ability to be forgotten by platforms. And while sometimes having to erase collected and stored data isn’t ideal for businesses, it means rekindling the trust that consumers have lost in brands over the years. What’s more, data erasure will help better ensure that the consumer information companies have is more up to date (i.e., Fab_Soccer_Grl7’s email that hasn’t been used since 2006 will be wiped, as will the address she hasn’t lived at for 10 years).
Going a step further, companies will also be required to notify users of data breaches within 72 hours of becoming aware of the issue, possibly avoiding the damage to trust suffered over the years by Adobe, Target, Equifax and Uber. That, coupled with the ability for consumers to download their data and offer it for third-party use (data portability), means consumers will have a better understanding of the value of their data.
Potentially one the biggest concern for brands—privacy by design—is another key aspect of GDPR. This specifically requires that privacy be considered in the earliest phases of the creative process, stating that, unless the data are crucial for the design process, don’t use it. In other words, how data informs creative work will change completely. It will force designers to gain a deeper understanding of how the technology they use works in terms of collecting information, and forces them to altogether re-evaluate the importance of the data they have on-hand.
We live in an era that’s gradually passing more and more control to consumers. Influencers abound, and UGC (user-generated content) is already considered an increasingly powerful marketing tool. How will the transparency encompassed by GDPR amplify that? … We’ll get back to you on that one. While GDPR presents many challenges for all kinds of companies, it’s inevitably an opportunity to win back consumers’ trust after years of wilting. At the end of the day, those brands who are most trusted by users will likely see the most data collection—incentivizing a higher standard of business ethics for each brand and its competitor.