Hello. I’m here to tell you why GDPR will make the world a better place. Now, the good news is there’s a lot of content on GDPR, and I will explain shortly what it is. I’m not going to go into the whole compliance side of things. We are gearing this to the consumer, to the end user. But, it’s important and I’ll tell you a little bit about it.
When will GDPR be introduced?
So, GDPR was adopted in April 2016 by the European Parliament, but it’s actually coming in to action in May next year. Now, companies can receive a fine in relation to GDPR – which I’ll talk about shortly – of €20 million, or 4% of their global turnover, whichever is the greater.
Who does GDPR apply to?
And, who does this apply to? It applies to any company processing personal identifiable information on citizens within the EU. So, you don’t need to be based in the EU, we can talk about the major players – Google, Facebook – if they are processing data of EU citizens, this applies to them. So, pretty much any major organisation.
Now, there’s been … A lot of people have reacted to this, have gotten quite scared. The implications of failing to comply, or having any breach of personal or PI information, the consequences in terms of those fines are huge.
Case study: Wetherspoon
So, an example is Wetherspoons, this is an article that’s on Wired. So, Wetherspoons has deleted its entire database. You can see here, this is an email – it’s quite difficult to read – but they’ve sent it to all of their database, so all of their users, basically, saying that they are being removed from their email database, and if they want to be kept up with information on Wetherspoon, there will be updated information on their website. So, they can visit that, as and when they want.
So, pretty big steps. Obviously seriously concerned, and that’s not the only company doing that.
Who has already been fined?
And if we talk about some things that have happened in the past. In March, Flybe was fined £70,000 by the ICO after sending out more than 3.3 million emails, under the title: “Are your details correct?”
In the same month, Honda was fined £13,000. Again, by the ICO, for sending out 289,000 emails asking consumers whether they want to receive marketing information from them.
Again, in June, Morissons was fined £10,500 for sending out 131,000 emails to people who’d opted out of marketing related to their Morisson loyalty cards. They had already opted out.
So, these fines are pretty small, right? They are not major. These are huge organisations. But, if this was to happen next year after May, the implications are massive.
What will change when GDPR is introduced?
Now, talking about what’s actually changed. So, what’s happening in relation to the GDPR?
One of the biggest things is opt-in consent. At the moment when you opt-in to something, it’s not very clear, massive terms and conditions, it’s not really transparent. You don’t know what you are opting in for. But, more importantly, it’s really easy to do. You just click a box, you opt in. Now it’s supposed to be as easy to opt out, as opt in. So, thinking about that in simple terms, I get so many spam emails, so many spam phone calls. It should, in theory, in future, be easy to stop those, and get people to actually comply and remove your information.
Now breaches. So, we talked about a couple of breaches, one’s in relation to Honda, if that was the case, then within 32 hours – so, a short window – all consumers in relation to that breach, need to be notified.
Right to request the access to information that companies hold on you. This, for me, is the biggie. I’m going talk about it in more detail shortly. But, there’s an article – I encourage you to read it – on The Guardian, about a lady who used Tinder. She used it for some time, messaged many people. Now, she requested Tinder to give her all the information that they are hold on her. An 80 page written document came her way. An 80 page document. It didn’t just relate to every single conversation she’d had on there, every match, the age of the men that she is talking to; it related to what she’d liked on Facebook. It related to geo locations. The amount of information completely shocked her, and the amount of information these companies hold in us all without us really knowing is pretty substantial and quite scary. So, in future, that documentation will need to be given in a digital format. Not written documents, and we all have the right to request that.
Now, users can request for data to be removed. A simple example, we’re members, at RocketMill of The Gym Group, corporate membership. Say, for example, one of us opted out and wasn’t a member, we could request for that membership, that the details of us – our PI details – be removed.
You can ask for your data to be transferred. A lot of us use comparison sites, we might use MoneySuperMarket, Compare the Market, there’s many different players, but you can ask for your data, to either have your data, or for it to be transferred to another player. Which is another key area.
Also, any public authorities or companies with more than 250 employees, have to have a data protection officer. Now, it doesn’t mean that they have to be employed, they can be a contract, there are many different ways of working it. There are companies that will be exempt from this. For example, if you don’t process PI data, but you need to hold a record that you’ve audited that, and clarified that. So, it’s a pretty substantial step, and most companies are talking about it in relation to compliance, and not being fined. But, actually what does it mean to the consumer? That’s what I’m going to focus on.
Now, if you do want more technical details, Rhys, our Head of Data and Insight back in May. So. I’d encourage you to visit this URL if you are more interested in the technicalities. But, for today, I’m going to talk to you about why GDPR will make the world a better place.
Why GDPR is good for marketers
Now, in the agency world and advertisers, last two years, advertisers have been pushing agencies for greater transparency. So, that’s mostly related to media buying. But, the important thing about this is now it’s moving to the consumer. We need to be completely transparent in what we are doing with the consumer’s data. They need to understand it. There needs to be education, which is massively important.
Let’s think about this. Let’s go back to you asking a company what data they have on you. Do you think companies can have thousands of people sitting there, putting that information together and sending it across? You can’t. Now, the businesses I’ve talked about – not your Hondas, not historic businesses – but businesses like Facebook, they’ve been born in digital world. A lot of the companies that we deal with, they don’t have robust CRMs, they don’t have all of their different systems talking to each other. Now, if you are going to efficiently tell someone what data you’ve got on them, you need to have a very robust CRM, understand where your users, where your customer base, where your consumers have interacted with you. What information you have on them, and you need to be able to supply it very quickly.
Quality data leads to better marketing
So, what does that force you to do? Similar to digital transformation, it forces you to put data at the heart of your company, and it makes sure a lot of your data is clean as well. That’s the biggest point that excites me. Why does it excite me? There’s so many reasons. But, one of which: quality data makes for more efficient marketing. So better targeting, which is going to be huge. If we gear up for this properly, this is an opportunity and shouldn’t be seen as a negative thing. There are the short-term pains, because there’s a cost to get ready for it, but once we’re there, makes for a great opportunity.
Greater transparency will encourage trust
A lot of the time, we don’t know where these people have got our data. Having complete transparency is going to build a relationship between the advertiser and the consumer. So, it’s going to build a little bit of trust and make it more meaningful for brands and consumers.
A lot of the time we talk about, in marketing, we talk about first party data, second party data, and then often, to get reach, we use third party data. Now, a lot of the time the communication I get, I don’t know where they’ve got my data from, it’s not very clear, and data is traded so cheaply, so, so cheaply. This puts the value back in to data, and gets advertisers to properly consider why someone like us, someone like you, should give your data.
Case study: Social Bicycles
Now, an example of this is a company, Social Bicycles, so if we think about Boris bikes in London – they’ve changed names etc. – quite a clunky experience. This company have an app that you can download, you can sign up for a year subscription, you can put £10 on in, typically costs one pound per ride, first 30 minutes are free.
Now, there’s a big data exchange going on here that they are very transparent about. So, you are getting so much of this value in exchange for your data. Now, they can see, obviously, how often you are using it, what typical routes you are going down, so there’s a lot of information that you are actually giving them access to.
What value are you giving to your consumers?
So, the question that I put to you, in marketing or your overall business, what value do you giving to the consumer, to the end user, for their data? What is the trade off? Let’s not just think about compliance and getting ourselves regulated and “stop this fine”. Let’s actually start thinking about the end user, and think about that value exchange.
Thank you very much.