Last year yielded plenty of discussion about data privacy, data breaches, and the General Data Protection Regulation (GDPR). Specifically, tech industry experts and insiders hotly debated what it would mean to companies if they were found to be in non-compliance with the European data privacy law that went into effect in May of 2018.
It appears the time for data privacy talk is over, and that 2019 will be a year for action, as Google finds itself crowned the winner of the first massive GDPR fine, with France dinging them for $57 million, stating, “that Google failed to fully disclose to users how their personal information is collected and what happens to it.”
Marketers beware: Personalized ads are on the radar
In the complaints that were the basis of the GDPR fine against Google, “the associations reproach Google for not having a valid legal basis to process the personal data of the users of its services, particularly for ads personalization purposes.”
So what does that mean? It means that for all intents and purposes, Google had users sign off on their privacy agreement, but France’s data protection regulator, CNIL, declared that the consent was not validly obtained, stating that users weren’t sufficiently informed about all of the ways their data was being accessed from the “Ads Personalization” section. The CNIL also noted that users must consent to Google’s privacy practices in full to create an account, while the GDPR requires that consent must be specific – meaning that consent must be given for each of the services and applications processing the customer data. (Think Google searches, Google maps, Google home, YouTube, etc.)
The new currency is consumer trust
In a global economy, the most valuable currency is trust, and with a plethora of brands to choose from, consumers aren’t sticking with companies who abuse their trust and misuse their data. In fact, up to 80% of consumers will leave a brand if their data has been misused more than twice.
When it comes to data privacy, it doesn’t matter if the company is misusing data, or if the data is stolen or accessed by hackers – what matters to consumers is that their data is in the hands of someone they no longer trust, and they are far less likely to spend money with you in the future.
An important aspect of GDPR for brands to keep top of mind: GDPR applies to B2B brands and the personal data of business users, including work email addresses and phone numbers. Businesses without mapped personal data stored in their databases to explicit consent agreements face serious legal and financial risk.
Navigating data privacy in a personalized world
The Google fine is just the beginning of what will be a long legal battle, and its long-term impacts on the company and on the data privacy landscape are unclear.
Yet for your business, this development should serve as a call to action. Consumers are demanding data privacy, and companies who don’t wait for privacy to be legally mandated will be rewarded with more loyal customers.
For instance, did you know that over 80% of consumers are actually willing to share their data to create a personalized experience? The key to gaining insights to each customer is being transparent and honest about why and how you will use their data. By linking control of personal data with trust, you’re building a foundation upon which the experience economy is built.
Suddenly very interested in data privacy and management? Join us for our webinar on what to expect in 2019. Register here today.