GDPR (General Data Protection Regulation) comes into effect in May 2018, and is a hot topic – getting hotter every day. Are you ready – will you be compliant when the time comes (and beyond)? We’ll be sharing insight; thoughts and tips, helping you stay up to date and informed.
25th May 2018
GDPR: Switching your view for the long run
Today is the big day that GDPR comes into effect, and you have no doubt received a squillion* email messages on the subject.
There is a massive opportunity here. Being more responsible in collection and use of data will allow you to do more brilliant things with it. To prepare your organisation for the long-term, you need to change your organisation’s thinking and culture around use and protection of data.
Take these 7 steps towards a customer first mentality and making GDPR a game-changer.
*Estimated figure. Conservative guess.
25th April 2018
GDPR: One month to go!
Cambridge Analytica and its improper use of Facebook’s user data, has brought data protection and privacy to the forefront of national and international conversation, in timely fashion.
Businesses around the world have been busy ensuring their organisations GDPR compliant ahead of the 25 May deadline. Have they achieved this?
19th April 2018
GDPR: Time for even the smallest companies to get data-smart
With little over a month until the deadline for GDPR compliance, a recent poll conducted by the Federation of Small Businesses found more than 90% of the UK’s small firms are still not ready for the new regulation.
Real Business talks about meeting the expectations of data-aware customers, and using the opportunity to make positive changes
19th February 2018
TechUK wants to see the UK fully comply with GDPR
There have been suggestions from pro-Brexit ministers that the UK should diverge from European Union rules in certain fields, with data pitched as one area that might benefit from what they would brand as greater freedoms.
However, TechUK said that “UK tech companies are clear that this is not a view held by the sector”, as they want to see the UK fully comply with the EU General Data Protection Regulation.
This is because, for a start, the UK helped to shape the regulation and companies are investing heavily in meeting the requirements, as it comes into force before Brexit will take effect.
It is also crucial for the UK to keep the same level of data protection as the EU if it wants to be in with a chance of gaining continued approval for EU-UK data transfers.
Every organisation needs to be ready – not just the big ones.
29 January 2018
A recent survey found that 1 in 3 companies in London don’t think that GDPR applies to them. I was surprised to hear this, but I guess not everyone works with a company that advises on GDPR!
The fact is, it applies to all of us, charities included. Tower Hamlets Council for Voluntary Service (THCVS) recently organized GDPR training run by ClearComm, that I attended along with another member of the Stepney City Farm team, and several other local charities.
Over the course of the day, the aims of GDPR were outlined; ‘personal data’ and other relevant terms were defined; roles were outlined and conditions around processing communicated.
When I began my first office job, I was told by the Marketing Manager that we wanted to know as much as possible about our potential clients – recording everything, including what they had for breakfast and the names of their children. I think we can all agree in hindsight that this was somewhat excessive and not actually relevant to what we were selling. This is where GDPR comes in; it makes us stop and think about what information we genuinely need and why, we’re not collecting information for the sake of it, and we are being open and transparent about what we use data for.
As the trainer on the day pointed out, data used to be an asset, but now it could be a liability if you are not looking after it properly.
My big takeaway from this session was that even if you are well versed on GDPR and what you need to do, make sure you keep your knowledge up to date – the ICO updated guidelines earlier this month. I was surprised to find that some of the things I had previously understood that we should all do, we should absolutely NOT do. And I’m not the only one: the ICO has issued fines to companies that were doing the wrong thing in an attempt to comply with the regulations. It can be a minefield!
28th January 2018
This a great example of a company disrupting an industry in the interests of customer privacy…
The EPrivacy directive will take us there at some point in the future with better directives on cookies – marketeers beware!
26th January 2018
Facebook to roll out new tools in response to EU privacy laws
Facebook will roll out a new set of tools aimed at making it easier for users to make informed choices about their privacy in response to the new GDPR laws, according to the company’s chief operating officer, Sheryl Sandberg. It is really great news that some of the titans of the social media world are starting to take Customer Privacy seriously. Companies collect huge amounts of data on their customers without you even knowing. You may not care now, but you would be surprised if they printed it all out and left it on your desk!
For those who have started taking a little bit of an interest in privacy, there’s a really interesting app called Disconnect, that allows you to track and block cookies from apps and sites which send your data all over the web. An app to watch out for is Android Pay; it seems to go into overdrive if you walk up and down Camden High Street…!
Cookies are a big part of the legislation coming in, and previous attempts to make them more transparent for the customer haven’t really worked (i.e. that pop up on every website you visit). No one wants customers blocking their site, so we all need our tech and marketing teams to think about why they are using cookies, and what customer data does their feature or campaign really, really need. Keep it to a minimum, please.
12 January 2018
The big news story in the Privacy and Security world this week was the fine landed on Carphone Warehouse for its recent customer data breach.
The ICO said Carphone Warehouse’s failure to secure its systems, allowed hackers to gain access to names, addresses, phone numbers, dates of birth, marital status and, for more than 18,000 customers, historical payment card details. The fine was £400k which, although quite sizeable, will be paltry in comparison to what fines may well be once the GDPR comes into effect (£20m or 4% of revenue). The cynic in us would almost encourage companies to come clean now on any leaks before things get really serious…
We must remember though that the fine is not the only reason for being secure – customers are much more savvy now, and customer leaks are revenue impacting and brand damaging. Not to mention that once a company has lost data they will forever be under scrutiny, from both customers and regulators, which makes life a lot more complicated…getting privacy right the first time is the best approach.
21st December 2017
See which companies are tracking your data
When you download an app or sign into a website with Facebook, you are giving those companies a look into your Facebook profile, including info like: your email address, phone number and current location.
If you’re worried about your privacy on Facebook, you can do two things:
1. Opt out of ad tracking
2. Look up the list of app companies that are logged in to your Facebook account, and edit that list.
France orders WhatsApp to stop sharing user data with Facebook without consent
WhatsApp has been ordered to stop sharing user data with parent company Facebook or face sanctions. Facebook bought WhatsApp in 2014, stating that it would begin sharing data from the messaging app to the wider social network’s ecosystem in 2016.