Ian Woolley
Ian Woolley 4 July 2018

Where are we, post-GDPR go-live?

GDPR is now fully enforceable by the ICO, but just weeks before it became so, the business world seemed to be waiting with bated breath as marketers, technologists, lawyers and business leaders circled the deadline with varying degrees of understanding and commitment.

One of the last surveys of decision-makers preparing for the introduction of GDPR (or more accurately, the enforcement of GDPR that all organisations should have been preparing for over the past two years) demonstrated that many decision makers (61%) would have ideally liked a six-month extension if it had been allowed.

45 per cent of those surveyed had put money aside for dealing with expected ICO fines post-enforcement– a topsy-turvy position considering the benefits of adequate preparation before the deadline.

All hail the Data Protection Officer (DPO)?

Strangely, the DPO, a mandated position for many organisations processing sensitive or extensive customer data, has been quite absent from the thoughts of many in charge of the compliance process. IT had become the department of choice for looking after customer data in the GDPR world (24% of respondents), followed by Marketing (23%) – with the Data Protection Officer a mere 1 per cent.

Respondents also gave a mixed bag of answers regarding who is in charge of the overall risks around GDPR, with the CEO in the driving seat for 32 per cent, the Chief Data Officer at 26 per cent, and then the Chief Marketing Officer at 22 per cent. Only 14 per cent cited the Data Protection Officer as the risk manager – yet this is a GDPR mandated position where organisers perform regular and systematic processing of data subjects on a large scale – and of these nearly a third (27%) had not filled this mandatory role.

A brighter future?

Marketers were nearly evenly split on the matter of GDPR potentially diminishing the quality of the data they receive: 34 per cent agreed, 28 per cent did not, and 29 per cent were unsure. Many commentators have predicted that those opting in would provide good, truthful data on themselves and their preferences following GDPR, but the research perhaps indicates a crisis of confidence in the data analytics community.

In organisations where technology plays a central role, ‘technology implementations’ were only cited by 44 per cent of respondents. In fact, ‘setting new data metrics’ was a tactic for only 30 per cent of those surveyed.

Respondents had strongly (63%) put in place new policies to increase the quality of data wanted to receive after 25th May by regulating their customer data input channels. Over half (59%) put in place stronger internal data policies. Worryingly, fewer than half (47%) were enforcing new policies on partner data acquisition, which may now leave them open to GDPR non-compliance. Respondents who are enforcing partner policies also said that updating contracts with third parties was important for 36 per cent of them.

Encouragingly, many benefits of starting the journey to GDPR compliance had already come through before the 25th May: Better quality of data (29%), data more easily managed (20%), and an improvement in sales success based on this data (18%).

It’s not the end

Enforcement is in no way the end of the customer privacy conversation. The industry awaits how the courts will interpret test cases as customers, privacy advocates, lawyers, judges, and organisations contend with a much brighter light shining on consent and data protection issues.

Organisations need to keep a tight control of their data processes and regularly audit to ensure that they at least meet, if not exceed, their commitments. Whichever department or executive has overall control over data governance needs to keep a close eye on all aspects. As technologies are retired or deployed, new processes debuted or employees are onboarded, there are points of challenge to overcome.

Those in charge need to keep a few elements constant to maintain confidence in the underlying direction of the data governance push…

Tag management has never been so crucial, given the fact that tags often capture and share site visitor data from the moment a consumer arrives, before they have offered consent and acceptance. Although such JavaScript tags are a well understood part of web architecture they have not always been well governed, and so act as data leaks. That is no longer acceptable in the consent and privacy-conscious world of GDPR. Compliance requires enforcement, which means all tags, regardless if they are hardcoded on a page or served through a tag management system, must be kept from firing prior to consumer consent.

The website must offer a watertight consent experience. Customers will face these consent gateways across much of the web, and they are not only a regulatory requirement but a source of differentiation for the brand. They could be a source of education and engagement as well as a mere hygiene requirement, used correctly.

Businesses should have by now polished off their data governance process and ensure that solutions like consent overlays and consumer preference enforcement are in place. If need be, A/B testing to help fine-tune how these experiences result in higher conversions for the marketing team and the smooth operations of the sales process.

Plainly put, it’s only the start of the adventure!

Please login or register to add a comment.

Contribute Now!

Loving our articles? Do you have an insightful post that you want to shout about? Well, you've come to the right place! We are always looking for fresh Doughnuts to be a part of our community.

Popular Articles

See all
The Impact of New Technology on Marketing

The Impact of New Technology on Marketing

Technology has impacted every part of our lives. From household chores to business disciplines and etiquette, there's a gadget or app for it. Marketing has changed dramatically over the years, but what is the...

Alex Lysak
Alex Lysak 22 September 2020
Read more
The Carrot of a Bigger Market is More Powerful Than the Stick of Legal Action in Driving Web Accessibility Investment, New Research Finds

The Carrot of a Bigger Market is More Powerful Than the Stick of Legal Action in Driving Web Accessibility Investment, New Research Finds

Getting web accessibility right is a massive commercial opportunity. The World Health Organization estimates that 1.3bn people worldwide are living with some form of impairment. The benefits of making it easier for...

Michael Nutley
Michael Nutley 30 November 2023
Read more
It’s Time For Brands to Move From Personalised, to Personal

It’s Time For Brands to Move From Personalised, to Personal

At a time when almost every brand is tailoring content and offers to individual customers based on their demographic data, purchase history, and online behaviours, are these personalisation efforts still adding value?...

Shafqat Islam
Shafqat Islam 27 November 2023
Read more
The 3 Most Important Stages In Your Presentation

The 3 Most Important Stages In Your Presentation

If you want to deliver a presentation on a particular topic and you have to prepare yourself for it you should make sure that you go through several very important stages in order to craft a compelling, persuasive and...

Nicky Nikolaev
Nicky Nikolaev 16 February 2016
Read more
McDonald's: the History and Evolution of a Famous Logo

McDonald's: the History and Evolution of a Famous Logo

McDonald's logo is one of the most recognizable in the world. What does the logo of this brand mean, how did it evolve and what is the secret to the success of McDonald’s fast food network?

Anna Kuznetsova
Anna Kuznetsova 24 October 2019
Read more