"Companies must prepare for GDPR, as well as Brexit"

CEO of the DMA Group calls for marketers to adopt higher standard of transparency
around use of customer data at the Data Protection Update 2016 conference

The data-driven economy is the engine that will continue to drive growth in the UK. According to some estimates the UK’s digital technology industry already contributes over £161 billion to the nation’s economy. This represents over 1½ million jobs in the UK, with more than 1 in 10 of these in the field of data management and analytics. According to global analysis the UK’s Internet Economy is the largest of all the G-20 nations, representing over 12% of GDP, which is twice the size of the average G-20 and 27 EU member states.

At today’s Data Protection Update 2016 conference, the DMA’s CEO Chris Combemale will call on businesses to take responsibility for customer data and ensure they are prepared for the new General Data Protection Regulations (GDPR) due to come into force in May 2018. The conference includes keynotes from people.io Founder Nicholas Oliver, the ICO’s policy delivery group manager Iain Bourne and the chief privacy officer at John Lewis, Steve Wright. In addition, there will be speakers from Barclays, Cancer Research, dotmailer, Experian Data Quality, Governor Technology, L'Oréal, Millward Brown, Opt-4, Privacy Laws and Business, Proximity London and Sky.

Chris Combemale, CEO of DMA Group, comments: “Ensuring the continued growth and sustainability of the data-driven economy we need to, as an industry and society, find the right balance between privacy and commerce. Respect and responsibility are essential to creating the trust required for the growing number of companies that rely on this data to fuel their business. In an increasingly global digital marketplace, Brexit does not change the behaviours that companies must adopt in order to succeed and build long-term relationships with customers.”

The final text of the GDPR was approved by the EU Parliament in April 2016 after 7 years of discussion, making clear a company’s responsibilities when collecting and using customer data. Just a couple of months later, the UK voted for Brexit and suddenly companies were no longer sure if they would have to abide by the framework of the legislation. The reaction to this ranged from delaying to a complete stalling of preparations.

Combemale explains: “Brexit does not change the need for UK businesses to prepare for GDPR. Firstly, it looks likely that the UK will still be a member of the EU when the new rules come into force and as such companies will need to be compliant for at least the period of until the formal Brexit happens. Second, even-post-Brexit if a UK company has a single customer in Europe they will need to adhere to the new legislation. Finally, any trade deal that is negotiated will require an equivalent level of data protection in the UK. If you want to see how seriously the EU takes the topic of data protection with non-member states, you need look no further than its approach and negotiations with the US on Privacy Shield.”

Combemale adds: “At its heart, the new regulations insist on greater transparency, clarity and honest about what businesses do with customer’s data. This emphasis on putting the customer first reflects clearly what we’ve heard consumers and the brands that get this right will build the trust they need to succeed. While those that fail to address the issue of data in an open and transparent way will simply now endure.”