In the same week that signals the 12 month countdown before the General Data Protection Regulation (GDPR) comes into force, Prime Minister Theresa May has revealed that the UK government want to give people even greater power over their personal data.
In an article published by The Times, the recent cyber attacks on the NHS, latest round of WikiLeaks disclosures and continuing instances where illegal and extremist content remains ungoverned online have been used as examples why the government want to make Britain “the world’s internet policemen”.
According to the Conservative manifesto, this will be actioned through the creation of a new data-use and ethics commission. This will spearhead a government crackdown on how data is held and used by technology and social media companies, forcing them to do more to secure information and delete data relating to those under 18.
This new body would have the power to decide who owns and can use personal data, making the benefits clearer to consumers why they should share their data, and how they can request it be deleted. It will also look closely at how companies use algorithms to sell targeted advertising based on behaviour, along with their “ethical and competition implications”. The body will have the ability to issue fines for non-compliance.
In an interview with The Times, May said “We want the UK to be … the best place for a digital business to be set up and to grow but also the safest and most secure place for people to be online.”
While the news was well received by some (though likely not marketers), and should be regarded as good news for consumers, some have questioned how feasible these aims might be, in particular the ability to regulate what are largely American tech companies.
While the Conservatives clearly have the likes of Google, YouTube and Facebook in their sights with these proposals, it gives a clear indication of the direction the government is heading when it comes to constraining the use of personal data for marketing. While the outcome of the general election remains to be seen, it does seem to put paid to any suggestion that a post-Brexit Britain would adopt a less stringent approach to personal data protection in place of GDPR.
This news follows a recent article from DataIQ, with a survey that found over a quarter of Britain’s retailers (27%) have abandoned preparations for GDPR because of Brexit. More worrying still, nearly half (47%) think that GDPR will not apply to UK businesses after the UK leaves the EU.
Not only will GDPR be implemented within the two years since Article 50 was triggered, laws equivalent to GDPR will be needed in the likelihood these retailers will be handling the personal data of any EU citizen.
If the Tory proposals come to pass, if anything, UK data protection laws could be even stricter…
Blue Sheep GDPR Assessments and Guidance
To help you identify the areas you need to work on before 2018, Blue Sheep has teamed up with data compliance specialists to provide a two-step GDPR Assessment and Process Review.
The GDPR Assessment will provide your organisation with a full diagnosis of your marketing database and processes to enable you to take the action you need to ensure compliance.