One year to go: The countdown to GDPR begins
The countdown to the General Data Protection Regulation (GDPR) is officially on. On 25th May 2018, the introduction of the new legislation will mark the start of a new era of how businesses manage, process, store and share personal customer data. This new legislation will replace the long-standing Data Protection Act 1998 and introduce stricter rules on how businesses process personal customer data.
Importantly, this is an EU-wide initiative, and despite the UK’s imminent departure, it will still be ‘opting in’. However, Secretary of State Karen Bradley MP has stated the UK will “then look later at how best we might be able to help British business with data protection while maintaining high levels of protection for members of the public.” It’s important that businesses are prepared for this significant change. So, what will GDPR mean for the way they manage customer data? And, with the legislation’s focus on data security, what more can businesses do to keep their customer data safe?
What do businesses need to know about GDPR?
In essence, the rules will introduce stricter requirements around when brands and businesses can use data. This means they will need to be clearer about the information they are requesting from customers and how they will use it. Confusing contracts and terms and conditions will no longer be an option; companies will need to provide transparency at all stages during the collection of customer data to ensure consent is given unambiguously.
Another important change is increased accountability. Strict penalties will be introduced to businesses that breach the new legislation, with the maximum fine increasing from £500,000 to €20m or 4% of global turnover for the most serious incidents.
At a time when data breaches are an unfortunate everyday occurrence, businesses are already faced with a huge responsibility to keep their customer’s personal information safe – or risk the consequences of a significant fine. What better example than TalkTalk, which was hit with a record £400,000 fine by the Information Commissioner’s Office for failing to protect the personal data of 156,959 customers from a cyber attack.
Who will the GDPR apply to?
The Act will apply to both processors and controllers of customer data. In simple terms, the controller says how and why personal data is processed, and the processor acts on the controller’s behalf – as defined by the ICO. For businesses wondering if the GDPR will affect them, as a general rule, those which are currently regulated by the UK Data Protection Act are likely to be affected by the GDPR.
The rules will be imposed across Europe, building a harmonised data protection regime that impacts not only on companies based in the EU but also those that want to do business here. Although it will be some time until it is understood exactly how the UK will adopt GDPR, at the very least, businesses working with EU countries will need to abide by the legislation as it applies to the management of customer data flowing both in and out.
Taking actions to beat the fraudsters
Cybersecurity is an unavoidable consequence of the digital world we now live in – and the GDPR is shining a spotlight on the role customer-facing organisations must play in protecting customer data.
For banks in particular, which are generally among the most trusted brands by consumers, I believe there is huge potential for them to build on the role they already have in their customer’s lives – and and offer increased support and assistance to help keep them safe online.
It is clear that protecting information is important to consumers and so banks should be looking to evolve their propositions and capitalise on this. Barclays has just announced steps to do just this, with the Chief Executive vowing to lead a £10m campaign against digital fraud.
And there are other benefits, particularly for banks, that can offer protection solutions to their consumers, too. According to our latest research, The Connected Customer, people who take out products that help them alleviate their cyber concerns tend to be more engaged and, ultimately, more loyal.
An education for consumers
Businesses should also consider how they can help customers be more savvy online. With consumers logging in to multiple devices, e-commerce platforms and social media sites each day, it’s clear they are also responsible for protecting themselves. Awareness of cyber security doesn’t seem to be the issue; a report by Symantec revealed 57 percent of customers “are worried their personal information is not safe”. But despite this, a study by Aite found 49 percent of consumers exhibit at least one risky behaviour which puts them at higher risk of financial fraud.
Last year, Financial Fraud Action UK (FFA UK), major banks and financial services providers united to launch a national campaign to combat financial fraud called Take Five, which lists five ways consumers can help protect themselves from fraud, including guidance on how to identify disingenuous emails.
Looking ahead, we can expect to see more initiatives such as this introduced across a number of customer-facing industries, with organisations, industry bodies and associations working together for the greater good.
A new dawn for customer data
With GDPR now on the horizon, companies are facing an increased responsibility to keep customer data safe, and provide transparency at each step of the data-collection process. But there is also a great opportunity to connect with customers over cyber security and be part of the education and empowerment journey. Those which can are likely to reap the benefits with more trusting, local customers.
By Karen Wheeler, Vice President and Country Manager UK, Affinion
GfK and VMware: Innovating together on hybrid cloud
GfK has been the global leader in data and analytics for more than 85 years, supplying its clients with optimised decision inputs.
In its capacity as a strategic and technical partner, VMware has been walking GfK along its digital transformation path for over a decade.
“We are a demanding and singularly dynamic customer, which is why a close partnership with VMware is integral to the success of everyone involved,” said Joerg Hesselink, Global Head of Infrastructure, GfK IT Services.
Four years ago, the Nuremberg-based researcher expanded its on-premises infrastructure by introducing VMware vRealize Automation. In doing so, it laid a solid foundation, resulting in a self-service hybrid-cloud environment.
By expanding on the basis of VMware Cloud on AWS and VMware Cloud Foundation with vRealize Cloud Management, GfK has given itself a secure infrastructure and reliable operations by efficiently operating processes, policies, people and tools in both private and public cloud environments.
One important step for GfK involved migrating from multiple cloud providers to just a single one. The team chose VMware.
“VMware is the market leader for on-premises virtualisation and hybrid-cloud solutions, so it was only logical to tackle the next project for the future together,” says Hesselink.
Migration to the VMware-based environment was integrated into existing hardware simply and smoothly in April 2020. Going forward, GfK’s new hybrid cloud model will establish a harmonised core system complete with VMware Cloud on AWS, VMware Cloud Foundation with vRealize Cloud Management and a volume rising from an initial 500 VMs to a total of 4,000 VMs.
“We are modernising, protecting and scaling our applications with the world’s leading hybrid cloud solution: VMware Cloud on AWS, following VMware on Google Cloud Platform,” adds Hesselink.
The hybrid cloud-based infrastructure also empowers GfK to respond to new and future projects with astonishing agility: Resources can now be shifted quickly and easily from the private to the public cloud – without modifying the nature of interaction with the environment.
The gfknewron project is a good example – the company’s latest AI-powered product is based exclusively on public cloud technology. The consistency guaranteed by VMware Cloud on AWS eases the burden on both regular staff and the IT team. Better still, since the teams are already familiar with the VMware environment, the learning curve for upskilling is short.
One very important factor for the GfK was that VMware Cloud on AWS constituted an investment in future-proof technology that will stay relevant.
“The new cloud-based infrastructure comprising VMware Cloud on AWS and VMware Cloud Foundation forges a successful link between on-premises and cloud-based solutions,” says Hesselink. “That in turn enables GfK to efficiently develop its own modern applications and solutions.
“In market research, everything is data-driven. So, we need the best technological basis to efficiently process large volumes of data and consistently distill them into logical insights that genuinely benefit the client.
“We transform data and information into actionable knowledge that serves as a sustainable driver of business growth. VMware Cloud on AWS is an investment in a platform that helps us be well prepared for whatever the future may hold.”