Europe has taken data protection to the next level. The legislation referred to as General Data Protection Regulation, which is designed to give consumers added control over their own digital data, was passed in 2015. Since then, it has been contested in courts and is now finally set to come into effect less than four months from now.
Technology giants as well as their smaller counterparts are currently redesigning and deploying changes to be compliant with the new legislation. In essence the provisions of the new law, restricts the customer/user data that organisations are allowed to share. In addition users can request them to remove certain data about them and those under 16 have to get parental consent before consuming these services.
In preparation for these changes, Google has been letting people choose the data they would be willing to share across its portfolio of services such as Gmail, Google Drive etc. and Facebook in the last few weeks have rolled out a new global data privacy center which restricts the ads they are served in addition choosing restrictions on posts shared. The scale of changes to meet the new, enhanced provisions under GDPR are substantial but companies after initially challenging it, have until May 25, 2018 to ensure compliance, when it is scheduled to go into effect. While the law is applicable to the 28 member states of the EU, it does provide an interesting template for the rest of the world to follow.
The world of analytics will definitely lose access to pieces of data that it may have had until now. Facebook has data on the all your interactions with other members, the duration of this interactions, data from messages which can then be utilized to build up a profile that is then used for targeting and also for their internal purposes like customizing News Feeds.
However the most valuable of all data that recent research has shown is the ‘likes’ data which can then be used to evaluate gender, political leanings, religious preferences, educational attainment etc. The digital crumbs that we constantly leave is an incredibly rich and accurate data. This is much more valuable than using the traditional sources of data such as purchase data in addition to profile data which may be prone to inaccuracies. While this provides very exciting possibilities for AI in easing the pain of marketers among other uses, concerns around managing the risk and ethical considerations have now necessitated regulatory oversight.
While the GDPR ensures that the rights of the consumer are protected and ‘sensitive’ personal information needs to be protected, this does not mean that all data will be off limit. The legislation also makes it incumbent upon consumers to be aware of their rights and ensure that they are safeguarded. After all, legislation can only take the horse to the water but cannot make it drink.
This article has been authored by Susan Mani. Susan is a seasoned analytics professionals with over 11 years of experience working on analyses for Fortune 500 clients such as Bank of America, Proctor & Gamble, and Unilever among others. She is on the Alumni Advisory Board of the University of Cambridge, and is an expert in the practical aspects of applying analytics in different contexts to generate value.