GDPR: one year on
Following a year of headlines about data breaches and the implementation of the General Data Protection Regulation (GDPR) in the European Union, privacy is more relevant than ever. Our VP Digital Confidence and Data Protection Officer, Amancio Kolompar, looks back at the year in which data protection took centre stage – and shares his insights on why the coming year will be no different:
2018 was an intense year for privacy teams in many organizations. We saw the implementation of the General Data Protection Regulation, which changed the way companies deal with personal data forever. In a world in which people are increasingly living their lives online, resulting in enormous amounts of data being collected and shared every second, it was high time that the former 1995 Directive was replaced. With the GDPR, data protection regulation moved into the 21st century with the goal to give control back to individuals. For Liberty Global – as for many organizations around the world – this meant working on an extensive GDPR implementation program to update our business processes, rewrite policies and statements, review contracts with third party suppliers, and so much more.
Many of the GDPR programs in Europe were driven out of fear of the new powers of Data Protection Authorities, which could result in fines up to 4% of annual global turnover. Even though no earth-shattering fines have been issued to date, since the implementation €56 million in GDPR fines have been imposed across 11 European countries.
Additionally, the GDPR and the media coverage it received, resulted in people exercising their rights to privacy like we’d never seen before. More than 89,000 data breach notifications and 144,000 complaints have been filed with European Privacy Authorities thus far. And all these efforts have started to bear fruit. Companies like Facebook and the advertising industry as a whole are openly discussing their business models in an effort to reduce the amount of data required and to be less intrusive on people’s personal lives.
The increased awareness around privacy also means that people are probably becoming more cautious about providing organizations with their personal data in the first place. As a provider of internet, television and telephony services our customers’ entire digital lives are entrusted to us and we have a huge responsibility in handling their personal data with the utmost care. This is why being transparent to our customers (and employees!) about what data we collect and how we use that data is crucial in building and maintaining the trust that is needed to continue to thrive as a company.
In addition, as a customer-centric organization, putting a greater emphasis on being transparent has also created an opportunity to differentiate ourselves through more sophisticated ways of offering personalized services and giving customers more control of how their data is being used.
Ensuring transparency and handling of personal data in a responsible and secure manner is something we as a team continue to work on together with many other stakeholders and really is the responsibility of every single one of us within this organization. Not only because the law tells us to or because we want to avoid fines, but above all else, because it’s the right thing to do for our customers and employees. Expect that privacy will remain a core topic on the agenda in many board rooms for the foreseeable future.
