May 9, 2017

The Eurovision of GDPR – douze points or a disappointing no-show?

Markus Melin

Head of Tieto Security Services, Tieto

The Eurovision Song Contest brings people together for a week of music and fun. Another huge European project affecting all of us, the General Data Protection Regulation, seems to confuse the general public. Companies and organisations must work together to share best practices and raise awareness of the new rules and their implications.

This Saturday, the Eurovision Song Contest will once again bring us the most thrilling, outrageous, fun, and haunting pop music performances from the members of the European Broadcasting Union. Over 200 million people all over the world are expected to gather around their TV sets or other displays to watch the show, set their judgement, and share their views.

Behind this well-lit scenery, there is also another huge European project emerging that will affect the lives of millions of people. GDPR, the General Data Protection Regulation, (yes, you’ve probably seen these letters also before in this blog) will come into effect almost exactly one year from now, on May 25, 2018.

But while Eurovision’s world of exorbitant costumes brings people together, the dry legalese of GDPR seems to alienate the general public. In a survey by Dell Technologies, over 80 percent of individuals in companies affected by GDPR said they have little or no knowledge about the regulation.

The situation is alarming. GDPR affects practically everyone in Europe. Employees and citizens should know and be made aware of its implications.

Amidst extensive new demands for companies and organisations, the new regulation extends our right to know how data about us is used and gives us the right to get it removed – the right to be forgotten. In other words, people should pay more attention to it and we all should dig in to make that happen.

A pop group or solo act?

Data is the most valuable asset for many companies. Eurovision Song Contest itself is a great example on handling vast amounts of data: for example, in the 2009 competition almost 11 million televotes were cast during the two semi-finals and the final. Last year, 42 countries participated and a record-breaking 204 million viewers worldwide watched the contest.

As the show goes on, the amounts of data and material spread through digital and social channels prior to and during the event increases every year. Everyone wants a piece of the action.

Up until today, companies have happily gathered as much data as they possibly can on their customers. With GDPR, this sometimes careless approach is coming to an end. Businesses need to know exactly what data is collected and where it is stored, take care it cannot be breached, and be ready to erase the data completely if the customer so wishes.

In a survey Tieto did in Sweden, about 70 percent of the respondents were worried about how their information is used. Companies should take note! Being transparent and implementing GDPR correctly can actually give you a competitive edge.

The specifics of GDPR are readily available, but there is less guidance on how to implement it. This is a big challenge for companies that are battling with diminishing resources. Instead of everyone trying to cope with the requirements on their own, we need to raise awareness together as well as share knowledge and best practices across industries.

This is especially important to small and medium-sized companies of which many are pondering how to cope with the new regulation. But regardless of size, it all starts with understanding what your processes are for handling your customers’ data and why.

Most importantly, we need to realise that all this work mounts up to creating a better customer experience. Living up to the new procedures is not merely a burden, but rather a golden business opportunity. Informed, safe, and satisfied customers are also the happy ones who return to the table. Keep this in mind while you are paving your way to the GDPR afterlife.

In the spirit of Eurovision – will you get the coveted twelve points or be eliminated in the semi-finals? The choice is yours.

Want to hear more on how you can get full points in the GDPR performance? Please join me and Timo Ahomäki in a free webinar in Finnish on May 11. Norwegian and Swedish webinars will be held on the 23rd and 24th of May, respectively.

 

Stay up-to-date

Get all the latest blogs sent you now!