Four letters were never more important until May 25, 2018: GDPR. The General Data Protection Regulation was enacted by the European Union to protect consumers’ right to data privacy. A number of global incidents, including the recent Cambridge Analytica Facebook scandal, have lead the EU to empower consumers to take control of their data. Websites must give consumers the ability to opt-out of data collection and processing, or take extra steps to anonymize the data being collected.
According to MarTech Today (2018), “In order to be GDPR-compliant, a company must not only handle consumer data carefully but also provide consumers with myriad ways to control, monitor, check and, if desired, delete any information pertaining to them that they want.”
But wait, what if you’re an American-based company?
If you’re an American-based company doing business in the EU, this rule pertains to you, too. Although the law is not enforceable under American law, the EU will enforce it on their side. To avoid being penalized or banned from EU business, it’s best to devise a new data management strategy.
First and foremost, companies have to get their IT and other teams educated on the topic. Familiarize your teams with the law, create education materials and devise an implementation strategy that makes sense for your business. For some companies, it may make sense to appoint a position to lead the change and monitor compliance over time.
You may have noticed pop-up messages noting changes to cookie policies, like on popular websites like Forbes and BusinessInsider. These messages link to the new rules, regulations and options for users to change their settings. A pop-up message clearly makes users aware of the new changes and empowers them to take control of their data. For additional information on how to get your team up to speed, check out this checklist from Forbes (2018) on ensuring GDPR compliance.
Google Analytics also updated its data policy and platform to meet compliance. The changes occurred at the same time as the GDPR on May 25. Google Analytics sent an email to admins and JeffAnalytics (2018) breaks down the platform changes in their recent blog post. The platform implemented new controls over data retention. If your company uses custom reports or advanced user segments, they may be affected by the updates.
Digital marketers rely on cookie collection and digital audience segments to deliver the right message to right audience. Now more than ever, it’s important for companies to ensure they are working with trusted data partners and updating data policies to maintain compliance. While the GDPR regulations are being enforced in the EU, it’s not a bad model for American companies to follow, too. Companies that remain transparent about their data collection policy can build credibility and trust among their consumers. In the end, everyone’s approach to reaching GDPR compliance will look different, so create a task force and figure out what works best for your company!