By Sven Dummer | Posted on October 19, 2017
The Wild West era of consumer data collection is coming to a close. For years, businesses across the globe have been able to skate by with pre-checked consent forms filled with ambiguous terms, allowing them to collect vast quantities of customer data with impunity. Consumers, on the other hand, largely had little to no clue what information companies were collecting or for what purpose. The EU’s General Data Protection Regulation (GDPR) is going to put an end to many of these practices.
If you haven’t already, mark May 25th, 2018, down on your calendar because that’s the day GDPR goes into effect – and consumer data privacy is never going to be the same. Broadly speaking, GDPR aims to overhaul customer data collection, governance and usage standards, and provide individuals with more transparency.
One of the chief changes GDPR will be invoking is ending the use of ambiguous consent forms. Savvy marketers have been able to gobble up massive amounts of consumer data without needing to tell customers what their intent was. These circumstances allow organizations across the globe to collect and store huge data lakes filled with customers’ personal data.
GDPR will stipulate that consent forms clearly spell out not only what data is being gathered, but how it will be used – in other words, explicit consent. This regulation will enable consumers to pick and choose what information they share and what types of initiatives they’d like to support. Research suggests that this is exactly the kind of agency that today’s consumers – especially millennials – are looking for when it comes to data sharing. Forrester identified what it referred to as “digital natives” or “data-savvy digitals” as people who would be most likely to share personal information with companies. In fact, 36 percent of these data-savvy digitals would be willing to share even more data with brands if there was a clear benefit to doing so. GDPR is going to enforce transparency about what exactly the data is being used for, and what benefits a consumer will (or will not) gain by sharing their data.
Common current examples of this in action are context-specific promotions and offers. For instance, if a user provides their birthdate when signing up for a restaurant chain’s mobile app, they can receive a free menu item every year on their birthday. You give a little, you get a little.
Security and compliance officers will have to ensure these consent protocols are being followed. Adhering to explicit consent parameters will be difficult without major changes to brands’ current consumer consent practices.
Lifecycle consent management tools can make the transition to GDPR compliance much smoother by providing all the form templates companies will need to act in accordance with explicit consent directives. These solutions provide the complete transparency and oversight required to not only ensure customers sign off on data-based initiatives, but that brands have a clear paper trail in the event of an audit.
Another main issue to consider with GDPR is what to do with all of that legacy data brands have already collected over the years. Existing customer databases will not be grandfathered in once GDPR goes into effect. To continue using legacy customer data repositories, companies will need to get explicit consent from those affected individuals. If they are not granted that consent, businesses will instead need to erasing that information from their databases.
Combing through years of customer data may sound like an arduous process, but lifecycle consent management solutions can help streamline this process by enabling quick consent reconfirmation without disrupting the customer experience.
Navigating GDPR guidelines is no doubt tricky, but there is a way forward. Lifecycle consent management software removes the obstacles and bottlenecks that could otherwise slow down compliance efforts and put companies in jeopardy.
Janrain’s Consent Lifecycle Management solution can help businesses stay compliant in the face of GDPR’s rigid customer data usage rules. Find out more today.
How to tell if your identity management is ready for the new data protection regulations…
We just released the latest member of the Janrain product family: Janrain Advanced Policy Manager…
Janrain Information Security Manager, Lisa Nicholson, shares her thoughts on why CSA Level 2 and…