Latest news about Bitcoin and all cryptocurrencies. Your daily crypto news habit.
The General Data Protection Regulation was adopted in 2016, and required all companies to comply by May 25, 2018. The companies affected by this development are either located in the EU or deal with EU residents* and collect their personal information. This means that these companies do not need to be in Europe, and 92 percent of US companies already consider GDPR a top data protection priority.
The recent Cambridge Analytica scandal demonstrated how important data privacy rules are, especially in todayās interconnected world. The UK-based firm collected information on millions of Americans, which it used for political campaigns. As data flows between continents, the law follows.
Compliance Crackdown
GDPR requires companies to act very responsibly with the data they collect on EU residents. Users must give their consent, be fully aware of how their data will be used, and have the ability to export and delete the data held on them. Companies must also take adequate measures to protect that data.
Companies that do not comply with GDPR can be fined $25 million or 4% of their annual revenue in the case of a breach ā whichever is higher. But compliance is also costly. According to Netsparkerās survey, around 60% of companies will spend somewhere between $50,000 to $1,000,000 to become GDPR-compliant, while more than 10% will spend even more to get there.
This has led to all sorts of interesting compliance tactics. While GDPR is only for EU residents, the nature of the internet practically forces it on everyone, since any of these companies could be dealing with clients from the EU at any time. As a result, a few companies have blocked EU IPs, while others have removed their tracking. Some use a combination: now that we are not tracking you, pay for the ads you donāt see! Facebookās tactic was one of the dirtiest; it tricked users into thinking they had messages waiting for them which they could only see if they accepted the terms.
This problem looks different when it comes to data that companies have collected on their clients over the years: they now need to go back to users and ask them for their consent (this is the reason for all those GDPR emails around May 25). The choice is simple: either get your usersā consent or stop tracking them.
GDPR: Bad for Business?
āGDPR had everybody worried and created a rush of activity up to 5/25,ā said Brian Carter, CEO of The Carter Group. āBusinesses were rewriting their privacy policies, sending emails to renew opt-in [to]their lists, adding WordPress plugins to notify people about cookies ā¦ and sending out email and mailed privacy policy updates. A lot of people donāt necessarily market to or do business with Europeans, but knew they might have a few on their listsā¦ so they felt it was impossible to avoid it.ā
Itās needless to say that most people wonāt re-register to the newsletters to which they once subscribed in return for free services. Ads will be less personalized and less accurate. All of these factors could hurt businesses.
But the truth is, we are just accustomed to bad business practices which eventually hurt more than they heal. Honestly, how personalized have those ads really been? Based on my own experience, I click on one ad in a thousand; the other 999 are irrelevant, intrusive and irritating.
Another example: Facebook and Cambridge Analytica. Facebookās shares dropped and Cambridge Analytica went bankrupt in the aftermath of the scandal. This is what bad data hygiene can do ā compare it to the Obama campaign, which did the exact same thing but was transparent about what it was doing.
So, getting GDPR-compliant pays off ā not only from a fine-prevention angle, but really in terms of customer relationships. According to Kevin Simonson, CEO and co-founder of Metric Digital: āDigital advertising will still be incredibly powerful under these GDPR regulations, but ultimately it will weed out bad actors who donāt believe in transparency. It will raise the tide for all ships involved.ā
Post-GDPR Businesses
GDPR is favoring new ways of doing business. āThe GDPR represents a sea change in the way marketers do business onlineā¦ No more scooping up data wholesale just because you can. If you collect data that doesnāt have a specific purpose, you may find yourself out of compliance,ā says Jeff Edwards, a tech writer and analyst who blogs for Ipswitch. āFor that reason, I think GDPR compliance and auditing capabilities will emerge as a major selling point for marketing tools this year.ā
One of the challenges in the post-GDPR era is that companies have to restrain their hunger for data. But companies need that data or they will miss out big. So whatās the other trick up their sleeve? They make the data ānon-personalā: By removing the identity of whom the data belongs to, they can still keep the data necessary to detect behavioral patterns and train their AI or other services. Kirill Rebrov, Co-founder and CEO of Demografy, has trained AI to predict demographics based on such data. He explains: āOur technology uses ML [machine learning]to infer demographic data from as scarce data as possible. It can be provided with just first names and partially masked last names which are not PII [personally identifiable information].ā
For those who donāt want to encrypt their data, the main challenge will be to dig into and identify where they have kept personal information on their clients. This can be a daunting task, especially for companies that have been in business for a long time and have used several tools to work with data. To aid them, Amnon Drori has co-founded Octopai, which offers a machine learning-based SaaS platform that can connect to heterogeneous storages and create metadata (data about data). This metadata is then used to surface any sensitive information within oneās organization in a matter of minutes as opposed to weeks.
As for the āuser consentā part, AdEx offers a solution thatās GDPR compliant from the ground up. Being a decentralized advertising platform with no middlemen, it has the unique ability to let users decide what ads they see ā thus, they have full control over how they are tracked and targeted, and can stop it altogether. āIn this new model, the power is flipped, where the user/consumer is in control versus the business,ā says Neil Patel, advisor to Kind Ads, another decentralized advertising project which pays users in exchange for sending ads to them. āUsers are empowered, and they are given options in which they can sell their data in exchange for compensation.ā
Could this be the future where we finally get rid of intrusive ads and develop better protection against breaches, with more bandwidth to use and less distraction from what matters most? What is certain is that GDPR will weed out the bad actors and raise industry standards ā until someone finds a way to cheat us again, in more sophisticated ways.
*The correct term is actually ādata subjectsā, which is broader than both āresidentsā and ācitizensā. We have used āresidentsā for simplicity in this article.
Disclaimer
The views and opinions expressed in this article are solely those of the authors and do not reflect the views of Bitcoin Insider. Every investment and trading move involves risk - this is especially true for cryptocurrencies given their volatility. We strongly advise our readers to conduct their own research when making a decision.