One of my colleagues was at a GDPR seminar in Cardiff last week and somebody in the audience actually asked this very question.
1. Did they book the seminar not knowing what they were going to?
2. Have they been living on another planet for the last couple of years (certainly the last 3 months as everyone on LinkedIn these days appears to be an expert!)?
3. Isn’t the right message getting to the right people at the right time? Maybe, just maybe it’s a mixture of all three or more possibly there is still too much confusion and uncertainty out there.
To me, GDPR doesn’t just stand for the General Data Protection Regulation, it stands for – or means – Getting Data Protection Right!
And, to get data protection right, you have to sometimes take a step back, take a long hard look at what you are doing and ask yourselves, “does this feel right?” Put yourself in the shoes of your customer, supporter or member (we use the term Citizen at MyLife Digital because there are so many different personal data contexts) and think “How would I like it if I found out that an organisation I had trusted with my personal data was using it for a purpose I either don’t understand or even know about?”
The GDPR has a much greater focus on the rights of individuals, or to use the author's terminology "data subjects"!
I always ask my clients, before they embark on any new re-permissioning strategy of data they already hold on Citizens, “If you continue with this plan will it build on the trust between your organisation and the individual?”
Trust is the credit rating of the digital economy, where data is the currency. There have been many papers published highlighting that consumer trust has eroded hugely in recent years. This is a result of multiple factors which include data breaches, product and service un-deliverables, incorrect targeting, false expectations or downright dishonesty in the case of PPI cold calls!
The 2017 Edelman Trust Barometer, a global annual study, reveals that trust is in crisis around the world. The general population’s trust in all four key institutions - business, government, NGOs, and media - has declined broadly, a phenomenon not reported since Edelman began tracking trust among this segment in 2012.
Accenture surveyed 600 businesses around the world, 79% indicated they collect data directly from individuals’ online activity, and a third from connected devices. But consumers are biting back, 37% of customers said the manner in which a company secures personal data is a top determinant of loyalty. Losing customer trust is a big problem, as 8 out of 10 consumers won’t do business with companies they don’t trust.
At MyLife Digital we strongly believe that trust, and Citizen Trust in particular, should be at the heart of your GDPR strategy. This requires an organisation to identify and review every activity that captures and processes personal data and then;
- Be transparent about the data usage (what data, for what purpose and who it might be shared with)
- Empower the Citizen to exercise their rights over the usage and access to their personal data and insights thereof
- Ensure accountability across the data processing supply chain.
How companies manage, secure and share their customers personal data is fast becoming the determining factor in profitable customer relationships. Those that get the trust equation right by empowering the citizen to have control over their data usage will be the ones best positioned to capture the most valuable customer data, as well as digital’s full business potential.
In an article in Harvard Business Review, the authors state, “a firm that is considered untrustworthy will find it difficult or impossible to collect certain types of data, regardless of the value offered in exchange. Highly trusted firms, on the other hand, may be able to collect it simply by asking, because customers are satisfied with past benefits received, and confident the company will guard their data.”
We are entering a new era in the digital age. Wearables and the Internet of Things are going to generate more personal data and more (quite literally) life changing opportunities for Citizens that are prepared to share this data. Trust must be at the heart of this new age.
Don’t be afraid of the GDPR – it is a great opportunity to rebalance the control of personal data between the Citizen and the Organisation and build those trust credits.