DMA Legal Update GDPR
Monetise have been a member of the DMA since early 2016. Throughout the year the DMA hold many events around all things marketing. As anyone would likely suspect, the GDPR has been a big area of focus leading up to May and will continue to be so as the industry adapts to the big changes the legislation demanded. The event was an opportunity for members to be updated on what’s happening behind the scenes at ICO HQ, while also providing some ongoing advice.
I’ll start by apologising to anyone reading for the mention of the GDPR post May 25th. Although this was for many in the marketing industry the bane of their working day for 6 months, if there was one single point that could be taken out of this legal update seminar it would be the need to continue to focus on the GDPR as more likely than not there is still work to be done for all companies to be compliant. Its is perhaps best summed up through the words of Elizabeth Denham:
“The creation of the Data Protection Act 2018 is not an end point, it’s just the beginning, in the same way that preparations for the GDPR don’t end on 25 May 2018. From this date, we’ll be enforcing the GDPR and the new Act but we all know that effective data protection requires clear evidence of commitment and ongoing effort.
It’s an evolutionary process for organisations –no business, industry sector or technology stands still. Organisations must continue to identify and address emerging privacy and security risks in the weeks, months and years beyond 2018.”
There is no doubt companies have made huge strides in many areas. There have been new privacy policies written providing consumers a far clearer outlook on how their data is used and the right of access to that data. I personally worked, and am still working, very closely with many of our affiliates to help amend their marketing statements to give every customer that clearer picture. All this should help in increasing the public’s trust and confidence in what happens to their personal data.
I will not label any company in suggesting the work they have complete is not beneficial or moving them in the right direction. However it was clear many are only ready in appearance. Areas where a customer had website visibility on, such as a privacy policy or cookie statement, have been updated. The processes behind the scenes on the other hand, procedures to provide the information for a subject access request, the ability to successfully identify a data breach, are perhaps in need of some work. Once again, I am not here to label any company. There will be many that have spent the time to everything in order but if I were to pass on advice, it would be to double check.
At Monetise we have always seen the GDPR as a positive way to provide further trust to each and every customer. As Elizabeth Denham suggests as “organisations will have the incentive and the opportunity to put people at the heart of their data services. Being fair, clear and accountable to their customers and employees, organisations large and small will be able to innovate with the confidence that they are building deeper digital trust.” It is an important point to end on. There was a lot of advice being provided by the DMA at this event, but there was also a lot of positive praise for the way may businesses have changed for the better. This is only the start of the GDPR journey, but it seems to have got off to a good start for most.
References: