On February 26th, 2016, the DMA held its annual Data Protection summit, designed to help the industry understand the latest developments in the world of data protection.
As well as the threat of fines up to €20,000,000 there is the need for businesses to obtain explicit consent for the use of a customers’ data. Whether for compliance or the customer relationship, the need to prove consent will become a huge challenge for businesses over the next two years.
One of the main points of discussion revolved around the forthcoming General Data Protection Regulation (GDPR), which brings with it significant changes to the way that organisations handle and share personal data within and outside of the EU.
Read more about the responsible use of data in our eBook: The Challenges of Data Ownership
With 2.5 quintillion bytes being created every day, marketing professionals are becoming increasingly swamped in customer data.
Although the lawyers are still poring over legislation, there were still some important things you can be doing now to prepare for the future. With this in mind, here are eight of the most valuable points we learned from the event:
1. Trust is key to maintaining customers’ engagement
The need for transparency was understandably a theme running throughout the event. Some very useful statistics from an nVision study said a lot about how consumers view the use of their data:
- 54% of the population are considered ‘Data Pragmatists’: these people require a level of trust to be met by organisations before they agree their information can be used.
- 22% are classified as ‘Data Unconcerned’: these people are either not worried about how their data is used, or accept that their personal data has become a part of the online economy. Interestingly, this figure has increased by 7% in the last three years.
- 24% (down from 31%) are ‘Data Fundamentalists’: these people do not want their personal data to be used and will actively avoid any instance where they’ll need to provide it.
2. The need to give customers more control
Consumers have a far greater understanding of how their personal data is being used, with 72% of those surveyed agreeing that sharing their data is part of the modern economy. However:
- 90% were in total agreement with the question “I would like more control over the personal information I give companies and the way it is stored.”
- 80% believe that businesses get the best deal with the exchange of data. Just 7% felt that customers benefit most.
3. The importance of transparency
Consumers are much wiser to data use and the value trade-off for letting businesses use it. To help encourage a greater degree of trust, organisations will need to be far more explicit about how they plan to use personal data, with opt-ins much clearer. For example:
- Tick boxes should not be used as a catch-all method to hide all T&C information. These do not create trust.
- Customers should see a more detailed breakdown in the permissions organisations are requesting.
4. Data misuse and breaches will lead to considerable fines
Organisations that exploit personal data are receiving increasing levels of punishment. Earlier this year, a lead generation firm faced a record £350,000 fine for making nuisance calls. However, this pales in comparison to fines for personal data breaches.
Currently, the International Commissioner’s Office (ICO) can issue a maximum penalty of £500,000 for the most serious infringements. From mid-2018, this will increase to €20,000,000 (£15.7m), or 4% of an organisation’s global turnover - whichever is larger.
5. The DMA’s code of conduct is ‘a roadmap to trust’
While the specifics of the GDPR are yet to be laid out, the DMA has created a broad outline of the route that organisations can take for more responsible data use:
- Put your customer first – value your customer and understand their needs.
- Respect privacy – companies are clear about data collection and how they plan to use it.
- Be honest and fair – companies should deliver what they promise, without misleading their customers.
- Be diligent with data – Any data held is accurate, up-to-date and not held longer than necessary. Personal data is treated with care and respect.
- Take responsibility – Companies must be held responsible for the customer experience and be held accountable when data-related issues arise.
6. A Brexit outcome would be unlikely affect GDPR
The forthcoming European Union membership referendum is unlikely to change the course of the GDPR, whatever the result. Even if Britain was to leave the EU, the country would still need to compliment the European law if it wishes trade to continue undisturbed.
7. Charities are leading the way with reforms to data protection
Given the high profile personal data issues linked to charities, it’s no surprise that the industry has been one of the quickest to respond. Already, lifeboat charity RNLI and British Red Cross have signed an opt-in only pledge with the ICO, confirming that the charity would only call potential donors if they have specifically opted in to receiving calls within the previous two years.
The associated risks and potential losses in fundraising opportunities were weighed up and debated for a long time before the conclusion was drawn that their donors’ trust in the RNLI’s data use would be more important going forward.
8. Create positive sentiment around sharing of personal data
The use of personal data has become a hot topic in newspapers as of late, but not for the best reasons. Steps should be taken to explain to consumers why it can be in their interest to share it. At the summit, Channel 4 and The Guardian were singled out as two inspirational examples that make clear how they use your data and how it can improve the customer experience.