Ian Woolley
Ian Woolley 4 July 2018

Where are we, post-GDPR go-live?

GDPR is now fully enforceable by the ICO, but just weeks before it became so, the business world seemed to be waiting with bated breath as marketers, technologists, lawyers and business leaders circled the deadline with varying degrees of understanding and commitment.

One of the last surveys of decision-makers preparing for the introduction of GDPR (or more accurately, the enforcement of GDPR that all organisations should have been preparing for over the past two years) demonstrated that many decision makers (61%) would have ideally liked a six-month extension if it had been allowed.

45 per cent of those surveyed had put money aside for dealing with expected ICO fines post-enforcement– a topsy-turvy position considering the benefits of adequate preparation before the deadline.

All hail the Data Protection Officer (DPO)?

Strangely, the DPO, a mandated position for many organisations processing sensitive or extensive customer data, has been quite absent from the thoughts of many in charge of the compliance process. IT had become the department of choice for looking after customer data in the GDPR world (24% of respondents), followed by Marketing (23%) – with the Data Protection Officer a mere 1 per cent.

Respondents also gave a mixed bag of answers regarding who is in charge of the overall risks around GDPR, with the CEO in the driving seat for 32 per cent, the Chief Data Officer at 26 per cent, and then the Chief Marketing Officer at 22 per cent. Only 14 per cent cited the Data Protection Officer as the risk manager – yet this is a GDPR mandated position where organisers perform regular and systematic processing of data subjects on a large scale – and of these nearly a third (27%) had not filled this mandatory role.

A brighter future?

Marketers were nearly evenly split on the matter of GDPR potentially diminishing the quality of the data they receive: 34 per cent agreed, 28 per cent did not, and 29 per cent were unsure. Many commentators have predicted that those opting in would provide good, truthful data on themselves and their preferences following GDPR, but the research perhaps indicates a crisis of confidence in the data analytics community.

In organisations where technology plays a central role, ‘technology implementations’ were only cited by 44 per cent of respondents. In fact, ‘setting new data metrics’ was a tactic for only 30 per cent of those surveyed.

Respondents had strongly (63%) put in place new policies to increase the quality of data wanted to receive after 25th May by regulating their customer data input channels. Over half (59%) put in place stronger internal data policies. Worryingly, fewer than half (47%) were enforcing new policies on partner data acquisition, which may now leave them open to GDPR non-compliance. Respondents who are enforcing partner policies also said that updating contracts with third parties was important for 36 per cent of them.

Encouragingly, many benefits of starting the journey to GDPR compliance had already come through before the 25th May: Better quality of data (29%), data more easily managed (20%), and an improvement in sales success based on this data (18%).

It’s not the end

Enforcement is in no way the end of the customer privacy conversation. The industry awaits how the courts will interpret test cases as customers, privacy advocates, lawyers, judges, and organisations contend with a much brighter light shining on consent and data protection issues.

Organisations need to keep a tight control of their data processes and regularly audit to ensure that they at least meet, if not exceed, their commitments. Whichever department or executive has overall control over data governance needs to keep a close eye on all aspects. As technologies are retired or deployed, new processes debuted or employees are onboarded, there are points of challenge to overcome.

Those in charge need to keep a few elements constant to maintain confidence in the underlying direction of the data governance push…

Tag management has never been so crucial, given the fact that tags often capture and share site visitor data from the moment a consumer arrives, before they have offered consent and acceptance. Although such JavaScript tags are a well understood part of web architecture they have not always been well governed, and so act as data leaks. That is no longer acceptable in the consent and privacy-conscious world of GDPR. Compliance requires enforcement, which means all tags, regardless if they are hardcoded on a page or served through a tag management system, must be kept from firing prior to consumer consent.

The website must offer a watertight consent experience. Customers will face these consent gateways across much of the web, and they are not only a regulatory requirement but a source of differentiation for the brand. They could be a source of education and engagement as well as a mere hygiene requirement, used correctly.

Businesses should have by now polished off their data governance process and ensure that solutions like consent overlays and consumer preference enforcement are in place. If need be, A/B testing to help fine-tune how these experiences result in higher conversions for the marketing team and the smooth operations of the sales process.

Plainly put, it’s only the start of the adventure!

Please login or register to add a comment.

Contribute Now!

Loving our articles? Do you have an insightful post that you want to shout about? Well, you've come to the right place! We are always looking for fresh Doughnuts to be a part of our community.

Popular Articles

See all
The Challenges of Customer Lifetime Value (CLV)

The Challenges of Customer Lifetime Value (CLV)

We all agree Customer Lifetime Value is important, but there’s not much agreement after that. This blog is about the challenges of Customer Lifetime Value (CLV). CLV is a fantastic concept but defining that value and...

Peter Rivett-Jones
Peter Rivett-Jones 24 May 2023
Read more
How to Review a Website — A Guide for Beginners

How to Review a Website — A Guide for Beginners

Whether you're a startup or an established business, the company website is an essential element of your digital marketing strategy. The most effective sites are continually nurtured and developed in line with...

Digital Doughnut Contributor
Digital Doughnut Contributor 7 January 2020
Read more
7 reasons why social media marketing is important for your business

7 reasons why social media marketing is important for your business

Social media is quickly becoming one of the most important aspects of digital marketing, which provides incredible benefits that help reach millions of customers worldwide. And if you are not applying this profitable...

Sharron Nelson
Sharron Nelson 6 February 2018
Read more
Exploring the Rapid Growth of Mobile App Development

Exploring the Rapid Growth of Mobile App Development

Smartphones have included mobile applications for more than ten years. The fastest-growing area of the mobile industry is the mobile app market. Only a few app developers were aware of the potential market opportunity...

Prashant Pujara
Prashant Pujara 24 May 2023
Read more
The Top Ecommerce SEO Trends for 2023

The Top Ecommerce SEO Trends for 2023

As we approach the midpoint of 2023, ecommerce businesses face an increasingly competitive landscape. To stay ahead of the game, businesses must focus on optimizing their online presence for search engines. Here are...

Jagdish Mali
Jagdish Mali 23 May 2023
Read more