Paulsen Presents GDPR and Privacy Trends Webinar

by Sara Steever
May 30, 2019 • 3 minute read

Paulsen was invited to present a webinar on GDPR and the Trend to Privacy as part of the  National Agri-Marketing Association 2019 webinar series. If you registered for the original recording, you can find the archived version here:

If you were not able to participate in the webinar, here’s a recap on a topic that is pressing for everyone in agri-marketing.

What is the GDPR?

The General Data Protection Regulation (GDPR) is a European Union law on data protection and privacy that was implemented in 2018. It’s part of a larger trend towards individual control of personal data. There are a lot of details specific to the GDPR, the ePrivacy amendment to the GDPR and other laws like the California Consumer Privacy Act and the Vermont Data Brokers Regulation, but here are the main points of the trend toward privacy from the perspective of the individual.

The rights of data subjects include:

  • Right to be forgotten
  • Right to data portability
  • Rights regarding automated processing
  • Right to know if they’ve been hacked

Why was the GDPR enacted?

When you are thinking about the impact of the GDPR, it is important at a macro level to understand how the EU compares itself to the U.S. in terms of data protection. Opinion writers on the EU side see themselves as privacy first, and the U.S. as a country governed by Silicon Valley—at least when it comes to data protection.

The Economist reports that the “EU is pioneering a distinct tech doctrine that aims to give individuals control over their own information and the profits from it, and to pry open tech firms to the competition.”

Of the top 20 most valuable tech firms in the world, 15 are in the U.S., and only one is in the EU, which I believe is Spotify. In many ways, data represents power. To return power to the government, which supposedly represents the people, and to prevent anti-competitive behavior where data and power are held by a few companies, the EU has taken the lead in regulating data (or power) through the GDPR.

As the Financial Times explains, this is the so-called Brussels Effect in action: “The EU tends to write rules for itself and let the gravity of its huge market pull other economies into its regulatory orbit.” Businesses faced with multiple regulatory regimes will tend to work to the highest standard, which is known widely as the “Brussels effect.”

As it turns out, that Brussels Effect is affecting all of us.

GDPR Is a Law with Consequences

If you are in the U.S., you may be wondering if you need to worry about GDPR. The answer is yes, if you have or will have customers or employees in the EU, regardless of the physical location of your company.

There are also hefty fines in place for violations: €20 million ($22,493,000 USD) or four percent of annual revenue, whichever is greater.

The fines are pretty stiff but keep in mind, this is the worst-case scenario for fining, and so far, only three fines have been issued. I think the spirit of the GDPR is less draconian than we originally thought, but still not something to take lightly because as you will see, it is just the edge of the wedge in terms of personal data protection.

What does this mean for my company?

Thinking about the implications of each of these rights is a window into how far-reaching this trend is. Here are just a few of the steps for organizations to take:

  • Hire a data protection officer and build an inclusive internal team
  • Perform a thorough data audit and plan for governance
  • Work to achieve the goal of having a single entry for a data subject for efficient compliance
  • Prepare for transparency in data processing
  • Ensure that consent by data subjects was/is “freely given, specific, informed and unambiguous”

You may also want to seek the counsel of your attorney with respect to GDPR. (We are not lawyers, and nothing here should be construed as legal advice.)

Where are we headed?

This trend toward privacy corresponds with a softening in the growth of third-party data platforms, and a stronger growth pattern in the use of first-party data platforms. On the recent Google Marketing Live broadcast, several topics surrounded the changes happening at Google including replacing personalized ads with contextual ads, supported by artificial intelligence, machine learning and user controls.

The Facebook family of properties (Facebook, WhatsApp, Messenger and Instagram) will also trend toward increased privacy through increased reliance on private groups, encryption of user data and reducing the permanence of information.

To sum it all up, this trend is just the beginning, so data stewardship and user rights will impact marketing permanently.

Print’s Place in a Digital World

Why Netflix Makes Farming Better

7 Overlooked Brand Marketing Experiences

7 Overlooked Brand Marketing Experiences