How Retailers Can Solve the GDPR Puzzle
On 25 May 2018 the greatest sea change relating to personal data in the digital age will come into effect. The General Data Protection Regulation (GDPR) will give citizens greater control over their data and will enforce data seekers such as retailers to be more open, transparent and secure when handling an individual’s personal information.
The penalties for non-compliance are severe, with potential fines running as high as €20m, or 4% of a company’s turnover (whichever is higher).
Today, data is essential to retail. The World Economic Forum (WEF) has stated that data is the oil of the 21st Century, even going so far as to define personal data as an asset in its own right. Indeed, the WEF has estimated that the value of this data will be worth €1tn (£877bn) in Europe alone by 2020.
Retailers require this rich data to operate efficiently and gain a competitive edge within the modern digital economy. However, how they gather, acquire and handle this data is going to be vastly different once the regulations enshrined in GDPR come into effect this month.
So, what are the key components retailers will have to comply with?
1) Transparent processing of data
When data is collected it must be clear why the data is being collected and what the data will be used for. If an individual asks for details relating to the use of this data, the retailer must provide it.
2) Purpose of use
Retailers should only collect the information that is strictly necessary when providing a service/undertaking a transaction. The data captured by a retailer should be adequate, relevant and limited. Extraneous information is not required or allowed.
3) Accurate data
Retailers will have to ensure the information they hold is accurate, valid and fit for purpose. If they haven’t been done already, processes will have to be put in place to ensure the data they store is correct.
4) Confidential and secure
The integrity and privacy of data must be secure and protected. The necessary security measures to protect that data must be implemented.
5) Identifying data
There will now be limitations to how long data is stored and how it is stored. In future, data should not be stored in multiple places. Anything that risks matching data to an individual should be mitigated.
6) Accountability
It will be beholden to businesses to ensure every step taken under GDPR is clear and auditable.
7) Data deletion
Once information is redundant or no longer needed it must be erased. This is related to the right to be forgotten. This empowers individuals to request information held by retailers or other third parties to be deleted and removed.
8) Access
If an individual wants information relating to how a retailer has used their data - whether it’s been shared or what specific data has been used and why - the organisation has to provide a complete record.
9) Right to object
Individuals can at any time object to the processing of their personal data, in particular if the processing is for direct marketing purposes.
10) Rectification
Individuals can request information held is corrected if inaccurate or incomplete.
11) Restriction of use
Individuals can insist that a retailer prevent access to and modification of their data.
12) Portability
An individual can request their information in a commonly used and accessible format if they want to take that information to another retailer/company.
The challenge for retailers is balancing their need to sell directly to customers - personalised and targeted messaging being essential in the 21st Century marketplace - with the requirements of GDPR, namely the explicit provisions of privacy, consent, transparency and accuracy, among others.
Thankfully, retailers can solve the GDPR puzzle. Research has demonstrated that businesses that provide greater transparency and control over customer’s personal data can enjoy deeper and more trusted relationships with their customers. Rather than see privacy as a stumbling block to forging ahead, retailers should see it as an opportunity to innovate.
This premise lies at the heart of MetaMe, a personal data wallet and clean data marketplace led by London-based entrepreneur, acclaimed digital innovator and author Dele Atanda, who advocates the use of ‘Clean Data’. The Clean Data economy is underpinned by privacy and individual ownership and consent as opposed to the nefarious tracking and data acquisition practices of the surveillance led ‘Dirty Data’ economy.
Clean Data is made tangible by MetaPods (mPods), which are crypto information objects that use artificial intelligence (AI) to enable granular, precise and minimum units of data to be isolated and encrypted based on a person’s intention - buying car insurance for example. mPods can be shared and traded privately and contextually in exchange for Krypto Koins, MetaMe’s currency.
Dele Atanda said: “GDPR represents a fundamental reset of the digital economy. It may be the most important piece of legislation of our generation. Not only is the law underpinned by a strong commitment to human rights, it fundamentally redistributes the balance of power between businesses and their customers. This new landscape creates tremendous opportunities for equitable, sustainable customer engagement innovation.”
MetaMe builds a human and ethical framework into the foundation of information and data sharing enabling businesses to pay customers Krypto Koin for sharing mPods with them. MetaMe will be launching the private sale of its ICO (Initial Token Offering) this month with a public ICO scheduled for later this year. With the implementation of GDPR coming into force on 25 May 2018, the ICO could not be timelier.
Global experts within the fields of blockchain, data, artificial intelligence, digital policy and cryptocurrency complete MetaMe’s ICO team. Dele will lead the team, which is backed by advisors such as former MP and founder of the Oxford Internet Institute Derek Wyatt.
ENDS
Dele Atanda is available for interview and high-resolution images are available on request. Media information provided by Famous Publicity.
For more information, or if you would like to speak with Dele Atanda please contact Adam Betteridge at adam@famouspublicity.com, Ed Patience at ed@famouspublicity.com or Tina Fotherby at tina@famouspublicity.com or call the office on 0333 344 2341.
About Dele Atanda
Dele Atanda is a digital visionary and entrepreneur. Dele is a long-standing advocate of digital human rights, a cyber expert, a Fintech and crypto-economy theorist and an advocate of using technology to form a more compassionate, empathetic and human centred world. Supporting this is his belief that data - and in particular the ethical use of personal data, can transform society and revolutionize the world.
Dele is a celebrated innovator having led digital for some of the world's biggest brands and built enterprise solutions for FTSE 10 and Fortune 100 companies that have become the gold standards for engagement within their sectors. He leads IBM’s iX Automotive, Aerospace and Defence practice as Chief Digital Officer. He is a renowned thought leader on digital culture and has been a pioneering voice on the emergence of web 3.0 technologies and their impact on society most notably with his best-selling Digitterian Tsunami: Web 3.0 and the Rise of the N.E.O Citizen published in 2013.