Data Protection 2016 Update as it happened

How should your business adapt to Brexit? What about the GDPR? What are the opportunities in the GDPR legislation? Read on for highlights from Data protection 2016 Update

Not privacy or innovation, but privacy and innovation

If Brexit means Brexit, then what use is the GDPR?

Next came Iain Bourne, group manager (policy delivery) at the Information Commissioner's Office, who had one simple message for marketers: "We don't have all the answers. Yet."

Of course Brexit has acted as a confusing factor for some marketers. If Brexit means Brexit, then what use is the GDPR?

He said that there cannot be any assurances for marketers yet, as the political decisions are yet to be made. However, "Data protection is becoming more of an issue. Social media accounts are coming together for mass complaints. We are seeing more assertive consumer groups acting to change practices they don’t like.

"Whole messages around consumer trust and confidence remain relevant - it’s not going to go away," he said.

As for preparation for the GDPR, he said, "Whatever happens, the effort will not be wasted. Anything done to prepare for the GDPR will be transferable to any new regime. That’s aspirational, but is the best certainty I can give," he said.

New opportunities

The GDPR also opens new opportunities for marketers, and Nicholas Oliver, founder of people.io explained the rationale behind his new business, which licences consumer data for brands, giving those consumers incentives for doing so.

Oliver quoted author and new media thinker Jaron Lanier: "Facebook says privacy is theft because they’re selling your lack of privacy to the advertisers who might show up one day."

Oliver added, "Consumers call it personal data".

He said consumer data does not belong to the businesses that rely on it at all, but to the consumers themselves. "All that data shared for re-targeting, following people around with ads. This is why adblocking went through the roof," he said.

Oliver asked what use a 'unified consumer view' means for businesses. "You feel you have to have a unified view as well. To do that you have to connect all these different data systems together. Is that any different to what Edward Snowden revealed? Little to nothing," he says.

People.io allows consumers to license their data and their preferences to allow brands to make meaningful interactions. "If Airbnb can be a billion dollar business without owning a building, why do you need to own the data?" he asks.

Finally, he says about Brexit, "Brexit? Don’t care - it won’t have an effect if you are already putting the consumer first."

A new dawn for B2B marketing

Millward Brown's research director Fraser Hynes explored why B2B businesses are increasingly behaving like B2C businesses. He asked B2B marketers to think of a great ad, and they typically mentioned the Cadbury 'Gorilla' ad.

"If you walked into any boardroom of any B2B brand, and asked what their favourite ad was, they would probably say the one with the gorilla. It has no brand or product shot until the end, it's purely designed to provoke emotional response, which is happiness.

"For B2B brands? Probably nothing," he said, adding that B2B ads often seem generic. But this is changing, and many B2B brands like IBM and Microsoft are moving towards campaigns that do evoke an emotional response.

He said this was because, "The audience is changing - the millennial influence is growing amongst decision makers. 47% of potential buyers are millenials and the implications are enormous. Marketers, many of whom are millennials, are using new channels for their marketing.

"B2B brands are shifting to B2C corporate cultures, introducing consumer devices into workplaces, and there is a big shift in mobile use. 44% of millennial decision makers use devices across the decision making process, 70% use video across purchase path.

"The most successful B2B brands are mirroring B2C approaches," he said. This is significant because under the GDPR, B2B brands will finally be treated the same as their B2C counterparts.

What about Brexit?

Founder of Governor Technology Gilbert Hill said Brexit could represent two possible scenarios, where the UK either moves towards more or less data protection.

"Brexit-lite pushes the idea that the UK could be a light touch, Las Vegas free-data hub. Then, there are very strong calls to forge an identity for the UK as a beacon for global data privacy to meet or even exceed GDPR.

"Nobody I have met says because we have Brexit, we can kick GDPR into the long grass," he said.

Proximity London's head of data and analytics Amanda Arthur took a different approach but came to a similar conclusion. "We need to be clear what the new regime will be on business. If we want to continue in Europe, we need to lead the way.

"A bigger concern is losing relevance with UK clients, which is a bigger threat for UK CRM if UK consumers shut down relationships with brands. We need to make sure that doesn’t happen. We need creativity and resilience - that should be a priority," she said.

Finally, Marketing Week editor Russell Parsons said, "There is economic uncertainty - the key is to do your job. Time to be a marketer again. Time to be an effective marketer again.

"A good marketer needs to be sales, customer and business oriented and you will be effective . This will be obvious to everyone here. But it’s important to remind yourself that, if and when article 50 [triggering two years of Brexit negotiations] is activated next year," he said.

"It's not about protectionism, but about being a grown-up businessman," he said.

Doing GDPR

Finally, the group data and privacy officer for John Lewis and Waitrose, Steve Wright, is already exploring what data protection looks like under the GDPR.

"You have to try and hone in on the most effective way to implement change.

"But are we truly working towards the 25 May 2018 deadline? We have to be thinking about a robust framework and programme of works to 2020. We have hundreds of data centres and data lakes and this process will not stop in 2018," he said.

"We really have to get a grip on what we want to use this data for, how we use it, why we use it. This is a whole framework of data governance. Personal responsibility is not just around the 'why', but should also focus on personal security and integrity," he said.

He said that he was looking at five main points coming out of the GDPR:

• Privacy by design
• Rights of the data subject
• Unambiguous consent
• Privacy impact assessments
• Accountability and compliance.

"I’m helping board members think about their responsibilities - the emphasis has changed to us. [New Information Commissioner] Elizabeth Denham is looking to us to demonstrate that responsibility.

"One of the hardest things to do was to ask departments to stop and think about the implications of the data. We have to make sure we are accountable. We all know about the data subject’s rights. Personally, I will exercise those rights. We are giving power back to the people, and may see group class actions in the future," he said.