GDPR - the Y2K for the 21st Century?
Back at the end of the last century, everyone was petrified by the so-called Millennium Bug which was going to cause aeroplanes to drop out of the sky, banks to crash and nuclear weapons to fire.
Whilst we aren’t as frightened (yet) by GDPR, the way that many organisations are wailing and gnashing their teeth (proverbially of course) you’d think that we’d been hit by the syndrome all over again.
Let’s go back to 1999 for a minute to find out if there are any practical similarities between these two phenomena.
The reason why so many government and organisations were so worries about the Millennium Bug, or Y2K as it became known, was that the entire digital infrastructure had been built around having a ‘1’ as the first integer rather than a ‘2’ - hence the move from 1999 to 2000.
The concern was that as the clock struck midnight on December 31st 1999, all the computers would go haywire as their programming failed. Check out how the BBC reported it 15 years on - http://www.bbc.co.uk/news/magazine-30576670
Now, with the benefit of hindsight, we know that all of these concerns were unfounded. The vast majority of companies had put into place procedures and plans to deal with this issue many years in advance.
Or they were so far behind the curve that they didn’t have an infrastructure based on digital technology - this was the case with London Underground who still had many switches operated by 1940s valve technology!
Fast forward to 2017 and we are similarly concerned about the new GDPR (General Data Protection Directive) coming out of Brussels, which will become law in May 2018. This is in essence an update on data protection for the social media world we now live in and was prompted in part by a major European court case involving Google (full background here).
We already have laws governing what we do with data protection. These were enshrined within the 1998 Data Protection Act (more on this here).
GDPR goes further and is forcing many organisations to look at exactly what they do with customer data. Some, like Wetherspoons, are choosing to delete their entire email database (this may of course be a PR stunt) while others are looking to restrict all but the simplest customer communication.
But I see this as an opportunity. Data is such an important part of our day-to-day lives, from CRM systems to business intelligence and from social analytics to monitoring trends on Twitter. Why not use GDPR as an excuse to overhaul the entire way your organisation monitors, sorts, uses and ultimately monetises the data you hold?