TrustArc Blog

TrustArc Sponsored “Data Protection 2018: Beyond the GDPR”

October 02, 2018


Picture from the  Direct Marketing Association event  in London on September 28th, which TrustArc sponsored.

Four months after the May 25th deadline, 145 privacy and marketing specialists gathered  in London to share thoughts about the next phase of GDPR implementation. Why? Because May 25th was not the end  of GDPR, and people did not stop working on their compliance programs. Indeed, everyone agreed that the volume of rights requests across all industries has increased. Attendees also noticed that with the greater awareness of GDPR has come greater complaints about GDPR – especially because  legitimate interest pertaining to Marketing is confusing customers. According to Jo Blazey, global data governance officer at Commvault “people are becoming their own data protectionist”!

One way to combat the confusion that consumers are facing was illustrated by BBC Head of Marketing Ian Wolfe and Senior Lawyer Kate Reid, who made strong efforts to be transparent and communicate to people what they were  doing. They created guides around consumer rights that provide several types of explanations and illustrations for the different kinds of interest. For example, for a basic level of interest the BBC is using short sentences and a simple explanation instead of just restating  complex principles. They even created a privacy policy for kids! Making this otherwise complex concept approachable, the BBC noticed that they had more visitors on policy webpages.

Some of the other topics discussed at the event were: the Brexit and its impact on privacy, how to deal with the data flow from UK to EU and from EU to UK, and how to allocate resources for GDPR programs. For example, now organizations need to have a DPO, need to know what data they have, where it comes from, or where it leaves, etc. Another topic of discussion was around data fueled AI, and the ethical challenges surrounding it.

This event illustrates that the GDPR is the beginning, not the end. While the compliance deadline has passed, many organizations are still discovering the broader implications the GDPR brings, and how to implement programs around them. To learn more about how TrustArc GDPR solutions can help, please contact us today.