Over the last couple of years, many business owners have nervously anticipated the introduction of the General Data Protection Regulation (GDPR). Now that it’s being put in place, what next? What happens to the business landscape for big and small organizations alike?
When it comes to this question, there are two main camps: those who say GDPR is essential for leading to a safer environment for everyone concerned; and those who say GDPR will lead to chaos and will potentially damage the EU economy.
Are either of these viewpoints correct? The truth is, nobody can say for sure. Essentially, we’re entering uncharted territory. The future could be a mixture of both. There could be factors that not even top experts have anticipated.
At present, the GDPR contains a lot of ambiguities. Until it has been properly tested in real-world environments, we can’t say exactly how the law will be applied and how the ambiguities will be interpreted by the different member states. So we can expect (at some point in the future) to see landmark court cases in which the ambiguities are debated, judgements made and precedents set. We’ll probably see GDPR evolve, becoming more concrete and more defined.
What about the impending doom?
There’s been a lot of scaremongering in the run up to GDPR, which has created a certain amount of panic. The fear in some startups and small businesses is that the slightest transgression will cause regulators to hammer them with hefty fines and copious amounts of bad press. But is this true? Apparently not. It appears that GDPR takes into account the resource disparity between large and small businesses.
As a small business owner, providing you’ve done the best you can with the available resources, and providing you can prove it, the chances are you won’t face crippling fines for an isolated incident. However, it could be a different story if you repeatedly fail in your GDPR responsibilities.
The bottom line is: make sure you give people the opportunity to consent; respect people’s data and their right to access or be forgotten; and be completely transparent about what data you need and what you’ll use it for.
Avoid cutting corners. And in the event of a breach, if you can prove that your business has lived up to the spirit of the law, and done everything within its power to be compliant, the regulators may not issue hefty penalties.
Businesses could become more interconnected
Because data is a cross-functional element, GDPR could drive interconnectivity within organizations. Different departments (i.e. sales, marketing, IT, finance, compliance etc.) will have to communicate effectively with each other to ensure an organization-wide pattern of GDPR adherence. This could help transform the corporate culture of many businesses.
It’s a great opportunity to regain public trust
With massive data breaches and privacy concerns hitting the headlines every week, people are becoming more and more mistrustful. So GDPR compels businesses to design a strategy of openness and transparency that will, in the long run, help them restore public confidence.
Marketers may actually hit more targets
At first glance, this seems counterintuitive. Mailing lists will surely be getting smaller, thereby limiting the marketer’s scope, you might reasonably say. While it is true that lists will get smaller, the active consent element of GDPR (which requires people to actively choose to be part of a list) may improve the overall quality of lists and therefore improve results.
If people know they are signing up for marketing messages, then that means they’re genuinely interested in what you have to offer. Marketers will end up with smaller, but highly valuable lists, and they’ll be able to nurture more meaningful connections with their prospects.
Ultimately, we can expect to see corporate and commercial environments changing as companies implement new strategies. Some companies may struggle to keep up and have to downsize their data architecture. Some might truly embrace the spirit of GDPR and develop ingenious marketing communications based on the idea of openness and transparency.
And, there likely won’t be an apocalypse of small businesses bludgeoned to death by the regulators. So here’s to a brave new future of GDPR exploration.