If data is the “new oil,” could GDPR be a blockage in the pipeline?
Admit it, phrases and jargon are so overused in our industry that they become annoying. The latest one is “data is the new oil.” It is not. I say that as a former oil market journalist.
Here’s why:
- Data is not a natural resource
- Data can’t be drilled for or fracked
- Data has never caused a war
- Data is not hard to find, nor is it costly to produce
- There are unlikely to be data shortages (we will create more data in 2017 than we have in the previous
5000 years of humanity)
Reluctantly, I admit there are similarities. Data has become a commodity business in our Internet of Things connected society. Data spills, like oil spills, can be dangerous. For example, hacked classified information could lead to that war I mentioned.
Data is driving some of the most innovative products, services and businesses we have today. Much like oil fuels us now and as it did in the Industrial Age, data is propelling digital transformation and
Industry 4.0.
Think about it. Where would industry giants like Amazon, Google or Facebook be without data? It is the driving force behind their businesses and at the center of it. They use data to expand to new markets, build better offerings, offer an exceptional
customer experience, and better understand patterns or trends to stay ahead of competitors.
The downside is the erosion of privacy. Many people loathe the idea that retailers or banks know every little detail of their lives. The European Union’s General Data Protection Regulation (GDPR) is set to address that, and it could become a major blockage
in the flow of Big Data.
Beginning May 25, 2018, all companies and institutions will be legally bound to protect the personal data of EU residents and uphold their data privacy rights. This includes giving people the right to say “no” to holding or using their data for any purpose.
According to a
study, 56% of UK residents polled said they welcome the right to object to their data being used for marketing and profiling (the UK will still adhere to GDPR after
Brexit).
GDPR impacts not just EU companies but any organization processing personal data related to subjects within the EU. So, anyone using big stores of data for analytics, artificial intelligence or algorithms will need to be GDPR compliant. Vast volumes of data
gush from financial markets, social media, mobile phones, customer accounts and transactions, as well as connected devices from the IoT, and are fed into analytics software. What happens to the data that is already “woven” into the business and that is already
in use to support analytics-driven decision making someone “opts out?”
As legal consultant Mark Weber said in an article: “What business can’t do is just suck up data, combine it with other data collected for other purposes and use it however they see fit. The business value can’t be put ahead of the rules and rights of data
subjects.”
This sounds like a bitter pill to swallow. But it is not all bad news; GDPR is an opportunity for organizations to provide transparency to their customers, showing they are willing to engage with them regarding their data privacy. Complying with GDPR can
actually be a positive thing that can and should lead to competitive advantage.
The oil business would have been better served with transparency regulation like this a long time ago.