Twitter improves user data policy ahead of new European privacy laws

While these numbers may look outrageous, the more important point is that users and media outlets are becoming more aware of the data privacy issue. And how does this legislation impact us as marketers?

But an FB user in, say, India would need more than that given the way FB has been toying with the terms and conditions. If an organization is strongly HIPAA compliant, then it will be much easier for them to absorb GDPR; if they have been going off HIPAA for a while, then GDPR is going to come as a shock. Ad agencies invest millions to get their advertisements shown to the people who might be interested to buy them.

A similar report from Deloitte also suggested that only 15% of organisations expect to be compliant in time, with the majority targeting a risk-based, defensible position.

Consumer anxieties over data privacy and sharing have been building for a while. With the recent news around Facebook continuing to grab headlines, businesses are under more pressure than ever to present a transparent and secure organisation.

“No doubt the advertising industry is one of those to be hit hardest because of our way to collect and handle data between consumers, ad vendors, brands and publishers”.

Failure to adequately secure private data could lead to a fine of up to 20 million euros, or 4% of the annual turnover, in the event that a company is hacked or information is breached. Under the General Data Protection Regulation, companies must implement technical and organisational measures to protect users’ data. The immediate benefits will be legal compliance with the rules set out by GDPR – not only through improved security, but also via communication with colleagues and clients. It’s therefore in our interests as data processors and data controllers to ensure we protect the good relationship we have with our end users. On and off, they raise alarm over specific practices of companies, including Facebook.

It’s valuable to earn GDPR compliance sooner rather than later.

This was admitted in meetings I’ve had with a few CMOs of the largest USA companies.

For example, like the GDPR itself, Workday said it has incorporated “privacy by design” and “privacy by default” as basic software design principles.

Email marketing is a key area of the regulation but just one of many – firms should look to understand the lawful basis and objective of processing, the application of individuals’ rights, how they are evidencing their accountability and governance, and their security measures and processes to prevent and respond to data breeches. We are already seeing giants like Apple rolling out privacy features ahead of GDPR.

“It was a priority for us to quickly be certified”, Cosgrove said.

To build consumer trust, organisations need to adopt a new philosophy around personal data – one that involves the customer with their own data and empowers them with the option to dynamically control the amount and type of data that is shared.

This includes having an agent operating within the European Union. Moving forward, it is clear that the only way for companies to achieve full GDPR compliance is through independent certification. The GDPR is coming and whilst many companies are poorly prepared, certification provides a route to high standards of compliance and peace of mind.