TECH

Who will be impacted by the effects of data protection regulation?Businesses and consumers have been feeling the effects of the General Data Protection Regulation (GDPR) for some time. GDPR is the European Union's latest effort to protect the personal privacy of its citizens - and comes with teeth. As a Regulation and not a Directive, all Member States, including the United Kingdom, must comply with it without the additional step of national ratification. Companies and people who do not live or work in the EU are not immune. Anyone who has clients in the EU or works with information processors in the block is subject to GDPR. Faced with this, it is somewhat scary to note that today, 64% of US companies do not know or care about GDPR.The concept of privacy protection makes sense, but whenever a government body enters a debate and then regulates, there is usually collateral damage. The scope of the GDPR is broad and the impacts are subtle and complex - which means there will be winners and losers.


Here are the likely winners to come under the GDPR scheme:

IT Suppliers
At the core of GDPR is "data protection by design and by default," which means that it is often not enough to update legacy processes with a privacy veneer, but it may be necessary to build new processes and systems or significantly redesign existing ones . The EU claims that these changes will result in savings for businesses of more than € 2.3 billion per year due to the improvement and simplification of processes. But in the short run, the costs to businesses will be much higher than economies, making IT vendors a major beneficiary of these spending, many of which are actively promoting their products and services, said to meet privacy demands.

Business Consulting

Any benefit enjoyed by IT vendors is likely to be diminished by the benefits of consultants who guide companies on how to run their way through GDPR. Europe's three major strategy consultants - McKinsey, BCG and Bain - and the four major implementation consultants - Deloitte, EY, KPMG and PwC - have active GDPR practices along with hundreds of smaller consulting firms.

Lawyers

GDPR is a legal document and, as such, much of the activity around the organizational response lies with lawyers. According to Statista, 44% of companies have updated or are in the process of updating their hiring and data protection policies. Lawyers are in the middle of it. For some accounts, 40% of the total GDPR compliance budgets of UK companies will be spent only with legal advice.

Consumers
The impact of GDPR on consumers is likely to vary greatly. On the plus side, they will receive fewer unsolicited advertisements and uncomfortable requests to attend conferences or fill out surveys. On the downside, it will be harder for them to receive personalized services. However, overall - for most - the impact will be positive.The risk of consumers' personal data falling into the wrong hands is expected to decline. And under GDPR, consumers will have a better chance of changing or deleting data about them that are wrong.But consumers are less likely to receive messages or offers geared to their needs. Most consumers will gladly accept this trade-off: less relevance of information for more privacy.


Here are the likely losers who emerge under the GDPR scheme:

Organizations

Organizations across Europe are currently obsessed with the rapid approximation of GDPR. Big headlines, such as gross violations that lead to fines of up to 4% of overall revenue or 20 million euros "whichever is greater", dominated the conversation. But there are hundreds of minor problems to worry about as well.The scope of legislation will likely ensure significant changes in IT systems and operational procedures. IT, advertising and marketing functions are directly affected, but the impacts of GDPR are being felt throughout the value chain, from acquisition to product development, HR, manufacturing and sales.All organizations will face greater restrictions on how they can use data to build and sell products and services. It will be harder to monetize the Big Data. Under GDPR, the cost of doing business will increase. According to the Financial Times, Fortune's 500 global companies will spend a combined € 6.5 billion to avoid breach of the regulation, and this does not include possible fines for non-compliance.

Advertisers

Advertisers, especially those who rely on online promotions, will have severe limitations. For example, GDPR will require explicit consent for each cookie they wish to use, thereby affecting any media or marketing company that uses the redirect, that is, tracking consumers and reminding them through advertising of sites they have previously visited. They will have much less freedom to combine data from different sources and create targeted campaigns for specific groups of individuals.

Digital Giants

GDPR should also reduce the ability of digital giants like Facebook - including its WhatsApp and Messenger services - and Google - including Gmail - to collect and use consumer data, preventing them from targeting ads based on external data.

The price of privacy
The GDPR will apply to all organizations operating or selling to the EU. The net effect is simple: a shift of power from organizations to consumers. A global trend toward more enhanced privacy protection for citizens suggests that GDPR can enable compatible organizations to move forward, providing a long-term benefit. However, in the short term, becoming compliant with GDPR will be an expensive and painful process for anyone who is not an IT provider, a consultant or a lawyer.


Source: Exame Magazine-Brazil