Finance Elite Awards 2018

US BUSINESS NEWS / 2018 Finance Elite Awards 7 • Information on security • Accountability Brands that interact with EU customers will need to be crystal clear about how (and why) they are going to use customer data from the point of collection (which will require a clear privacy notice) and beyond. So in the post- GDPR world, brands will need clear consent or a legitimate reason to talk to customers and prospects, the days of pre-ticked opt-in boxes, and hidden data processing notices are over for brands that want to service and sell to EU markets. GDPR no longer allows you to collect or store data that is just ‘nice to have’, so brands need to decide what information is necessary rather than cast the net wide and trawl it later. Brands will also need to ensure that the data they hold is accurate and up to date, if a brand is still using data collected a few years ago it may no longer meet the requirements of the other GDPR principles. Customer data still needs to be stored safely so you need to implement controls that protect the confidentiality of your customers data. You will also need a Disaster Recovery Plan to restore the data if the worst happens. But I’m sure these are in place already. So across Europe, brands have spent a lot of time, money and resources to ensure that they will be able to adhere to these processing principles and avoid the headline-grabbing fines (4% of turnover or $24m whichever is greater). And as I’ve already mentioned above, EU residents are protected wherever the data is processed so it’s imperative that US brands also take note and cover this in their legal process too. The easiest way to achieve this is to copy the data and GDPR strategies that your EU counterparts have been drafting and implementing in the run-up to the changes. To quote Steve Jobs misquoting Picasso: “Good artists copy; great artists steal”. But GDPR is more than just processing and principles, customers will have rights too. Beyond the changes in technical process and legal jargon that is keeping data practitioners awake at night, we shouldn’t forget that these customer rights are the linchpin that will enable brands to continue doing brilliant work that builds mutually beneficial relationships with your customers, instilling trust, that will in turn lead to brand growth. These consumer rights include: • The right to be informed • The right of access • The right to rectification • The right to erasure • The right to restrict processing • The right to data portability • The right to object • Rights related to automated decision making and profiling Despite first, scary and often negative appearances in the new customer rights, there are big and positive opportunities for brands in a post-GDPR world, though marketers will have to be prepared to think creatively if they’re to realise them. Therefore, it’s now time for brands to raise their sights and focus on the potential ushered in by the new world of customer data ownership. BBH refer to this concept as the Data Value Proposition In plain English, what is the value that you are providing for new and existing customers? How do you persuade them to lend you their data, and to let you go on using it rather than taking it to your competitors, especially the disruptors within your sector? That value may be monetary. But our view is that to default to cash for data is tantamount to admitting defeat; the equivalent of throwing money after promotions rather than investing in long-term brand equity. Rather, BBH believe you should be asking yourself how you will use customers’ generously offered data to co-create unique value with and for them. The brands that do this successfully will be manufacturing for themselves an effective, cost-efficient, and sustainable competitive edge for years to come. In a world where data breaches are on the rise in terms of both scale and severity, GDPR will strengthen the regulation and use of personal data and standardise good privacy and security practices. While GDPR is set to go into effect across the EU, it has a much wider reach, all international brands should consider its regulations and principles as the benchmark for a great data strategy. GDPR presents itself as the ideal model for best practices around personal data for businesses the world over. It will also provide a framework for creating transparency and an essential roadmap for building and restoring trust with consumers worldwide. So stand on the shoulders of giants, learn from our mistakes, copy our data strategies (But don’t steal the data). What can US Marketers learn from GDPR g