Regulating the processing of personal data is nothing new. Not in Europe, anyway.
The European Data Protection Directive set out tough compliance rules for the use and storage of personally identifying data more than 20 years ago. It put a strong emphasis on transparency and accountability. But the extent to which the rules applied to the processing of European citizens’ data by parties outside the EU was controversial — and much tested in European courts.
The General Data Protection Regulation, which will be in full force from May 28, 2018, entertains no ambiguity. What will matter, going forward, is not who is doing the data processing or where it’s being done: What will matter is the identity of the person whose data is being processed.
That means, quite simply, that GDPR will change your world.
Or will it? Perhaps your brand markets products and services clearly not aimed at European customers. Simply having a website visible in Europe is not enough to bring a brand within the scope of GDPR. Perhaps you are confident that you collect no personally identifying data relating to European citizens resident in Europe. You’ve checked and double-checked. Perhaps you don’t collect personally identifying data at all.
But for everyone else involved in marketing, sales, and especially eCommerce, with operations which might leak into EU member states: Pay attention. Compliance is necessary, and penalties are steep.
That’s why we’re taking a deep dive into GDPR and its implications for U.S. brands this week. We’ll have facts, opinions, commentary — informed and, we hope, useful. But we’ll also keep repeating this mantra: We are journalists; we are not attorneys, and we are not data scientists. If we raise any concerns about the ways in which GDPR might affect your business, get legal and technical advice from experts.
We’ll be getting perspectives from some experts this week, as well as laying out our own understanding of the regulations and their significance. But that doesn’t mean we’ll be forgetting about GDPR going forward: Expect more content as the week’s past, and in particular — beginning February — masterclasses from Derek Lackey, President of the Direct Marketing Association of Canada, who joined us last year for a webinar series on the Canadian regulations, CASL.
Above all, we’ll be looking at positive opportunities GDPR will create for marketing. The news is not all bad: Read on.
