Paul Simons: why it’s time to wake up to GDPR

On May 26 this year a major cat will be released amongst the feeding pigeons. It goes by the name of GDPR or the General Data Protection Regulation, and it applies EU wide including the UK. In a nutshell it introduces protocols for privacy of personal data on a massive scale.

Failure to adhere to the regulation can cost a business €20m or four per cent of annual turnover, whichever is the greater! Or even worse a bad offender can get banned from operating in the EU.

We all get these irritating calls about accidents, all-inclusive holidays, late flights, PPI, etc., etc., and the question I always ask if I answer my phone without thinking is ‘how did you get my details?’ which of course is never answered. This is the murky world of data broking, selling lists and passing my details around all the other low life call centres.

An academic said “The volume of personal data Google and Facebook has access to is perhaps the most difficult privacy problem in all of human history.”

The huge challenge is getting any business into compliance mode, which is going to be very tricky in the timescale needed. I’m doing work in the US at the moment and I ask business people what they expect once GDPR goes live. Mostly I get blank stares, GDwhat?

A report has just come out produced by which claims 60 per cent of European companies are not GDPR ready. 65 per cent show a worrying gap around financial penalties and 60 per cent of large companies have major concerns over their ability to be compliant in time.

The impact on marketing is immense. The very big players such as Amazon, LinkedIn, Facebook, PayPal, et al. all have Chief Privacy Officers or DPOs now, and I know of several software brands frantically amending products to make sure they are compliant with the new regs.

I just wonder how it might work in the big multinational agency groups because a glitch in a remote office could trigger a major issue at the head of the group, such as WPP. I imagine some overworked account exec in a DM agency in Barcelona making a big mistake on some CRM project resulting in an investigation followed by a mega fine for non-compliance.

Remember the financial penalties can be up to €20m or four per cent of global turnover of the whole company. It must send shivers down the spines of those nice folk running the big groups because mistakes can easily be made and the scope for sabotage is wide open.

For those ahead of the curve and planning to make their business bomb proof there are several products out there that provide the necessary navigation towards compliance and ongoing management. Spookily one is called The GDPR Tool – might as well try to own this new category – with a handy domain,

2018 is going to be another transformational year as the good guys start to catch up with the bad guys as the monster cat is released amongst the privacy pirates.
