Last week Uber dropped another bombshell on us. They admitted to concealing a data breach that affected 57 million customers and drivers, before paying the hackers $100,000 to destroy the stolen data and keep their mouths shut.
Disturbingly, this all happened over a year ago! While current UK law carries a maximum penalty of £500,000 for failing to notify users and regulators, under GDPR, fines will be much higher.
A cyber law barrister told Campaign magazine last week that if Uber had been subject to the GDPR, it would have had to pay a fine of 4% of its global annual revenue, or £17.75m for its breach of data, “assuming that at least some of the 50 million records hacked were EU citizens…”.
Are you prepared for GDPR?
What are you doing to prepare for GDPR? Have you begun implementing processes to ensure you are compliant? Our latest free whitepaper, a guide to GDPR, aims to shed a light on what you should be doing over the next few months to be ready. The paper will answer questions such as: what is GDPR? What does this mean for marketers? And what should you be doing today?
For those who do not know, the GDPR is a regulation enforced by the European Parliament which intends to strengthen and unify data protection. Essentially it will work to protect EU citizens from privacy and data breaches in an increasingly data-driven world.
When it comes to digital marketing, there are several crucial aspects of GDPR to take note of. Firstly, consent must be “freely given, specific, informed, and unambiguous, and articulated by a clear affirmative action.” Clients and customers must agree that their data can be used and that they can be contacted. Secondly, there are eight “rights”, so to speak, that must be followed.
These eights rights are:
- The right to be informed
- The right of access
- The right to rectification
- The right to erase
- The right to restrict processing
- The right to data portability
- The right to object, and
- The right to not be subject to automated decision-making, including profiling
Failure to follow these rights will result in a penalty fine. The third aspect of which marketers should be conscious is the legal basis for processing personal data. This should hopefully result in better housekeeping by marketers, and means there is less collection of data for unnecessary, or frivolous reasons. In the future, customers will demand that companies act as trusted custodians of their personal information, and woe betide any company that does not.
What will change moving forward?
GDPR means that marketers will have to come up with better ways of receiving this precious personal data. Inbound marketing, according to HubSpot, costs 62% less than that of outbound marketing methods and is three times more likely to see a higher return.
The transition from outbound to inbound should not be difficult. By creating informative and entertaining content and using it to build relationships with customers, businesses can gain customers’ trust and become reliable information partners. It results in a much more pleasurable and personal relationship.
Although the GDPR does not go into effect for a few more months, it is crucial that companies begin to prepare and consider how they might be affected. By taking this seriously, though, businesses may find that their relationships with their customers improve and will be built on trust and mutual appreciation.