How does the new GDPR affect you as a business or you as a client!
In May 2018 the Data Protect Act 1988 (“DPA 1988”) will amend. The current Act: http://www.legislation.gov.uk/ukpga/1998/29/pdfs/ukpga_19980029_en.pdf
Artificial Intelligence, or AI, is emerging with full force in the professional services, and the Dawn of the Digital Age has been banging at the door for the past 5 years. Let’s face it, the DPA 1988 rules when initially drafted, had absolutely no idea as to the speed, usage and evolving legalities surrounding technology. We refer to Google instead of dusty old reference books, we use MailChimp to send round robin emails as opposed to MailMerge, we research on LinkedIn companies and/or contacts and the majority of these searches are carried out on our phones or tablets. The MegaBites we have access to can store data on a vast platform and play with algorithsm to identify targeted audiences and customers. AI is very real.
New legislation – May 2018
The General Data Protection Regulation (“GDPR”) provides more protection for consumers, and more privacy considerations for organisations. It will be up to businesses to ensure its policies and mindsets are up to scratch regarding data protection.
Consumers will have more rights than ever as to how businesses and organisations hold their personal data. Businesses will have to report any breaches of data that may pose a risk to consumers and individuals and the initial consent will be upped.
Regulations
The GDPR gives regulators greater enforcement powers. If we, as business, begin the procedure of ensuring our policies and practices are compliant now, the risk of financial enforcement or brand shaming will be negligible. Preparation is half the battle and giving companies enough time to organise the correct policies will also gain time to train employees to be aware.
Consent
The new legislation will help individuals gain a frank and open understanding with control over how an organisation uses their personal data. As a business, the clear consent for opt-in, recorded consent, together with a very easy opt-out offering.
Accountability and Compliance
Who is accountable? The new GDPR generates responsibility for companies to understand risks affecting others. It should work hand in hand with customer service procedures. The privacy of us all needs to be an organic assessment rather than plain due diligence – businesses need to literally think of the risks further down the line and how to mitigate it.
Keep the customer satisfied! Not just a wonderful Simon & Garfunkel song, but in this Digital Age, there is too much fraud to not keep any of us, as a consumer or customer, satisfied. This legislation is a sure way of gaining a good relationship with the customer.
Culture
With the ever evolving age of digital and the fact that we are all, businesses and consumers alike, at risk from on-line fraud but also from being bombarded with digital algorithms, it is more and more important to look after each other. We have a corporate responsibility therefore, from a business angle, to ensure we filter down the culture of keeping personal data to a minimum and making sure it is safe.
Allsquare Law has a culture that looks after its clients and we want to ensure the data is built into that relationship.
Conclusion
Firstly, don’t panic! The majority of businesses out there already adhere to the current Data Protection Act 1998 and therefore will have policies in place.
The draft ePrivacy Regulation is still being debated at European level but, for example, a default for all consumer marketing to be opt-in is in the current draft. Click here for further information and to receive an up-to-date checklist, by quoting “GDPR”.
