These days, it’s clear that the benefits of GDPR (the European Union’s General Data Protection Regulation) far outweigh the costs.
It wasn’t always this way. Remember the mad scramble in the first half of 2018 to comply with more than 250 pages of new privacy regulations? It was all about developing new data policies, assigning new people to compliance duty and adding new online features that helped people control the use and collection of their personal data.
Sure, compliance was drudgery back then. But now that we’ve had time to digest the impact of GDPR, the picture is far more positive in three essential ways.
- We have better data on online traffic
The first thing companies started noticing after complying with GDPR was that they knew a lot more about the people using their websites, apps and other online properties.
That makes it easier to segment audiences and deliver specific appeals and content to the people most likely to want them. Before GDPR, organizations had to sift through a lot more online chaff to separate current and likely customers from everybody else. That’s better for marketing and customer service, which strengthens businesses.
- Users have more control over their data
Reports of massive data breaches and private companies’ cavalier attitude toward their users’ private data have made the value of GDPR all the more evident. Indeed, the new California Consumer Privacy Act (CCPA) suggests that the future will bring much more scrutiny to the handling of personal data.
The wild frontier of taking anybody’s data and doing anything you want with it is drawing to a close. More people will have the legal right to decline collection of their data and to demand that it be deleted. That’s good for users and the people who serve them.
- There’s more trust and transparency
With GDPR, people can find out the kind of data that companies are collecting. They can refuse to allow cookies to track their behavior. They can find out how companies plan to use the data they collect. And they can feel reassured that potential fines for non-compliance have motivated organizations to take data privacy and governance seriously.
Growing concerns about cybercrime and unwanted surveillance undermine users’ trust in online properties. Providing transparent, easily accessible information on data-protection and privacy polices strengthens the bonds of trust between organizations and the people they depend on, whether they are employees, customers or vendors.
Data Protection is Central to a User-Centered Philosophy
DMI is devoting more time and expertise to helping clients in Europe and the UK comply with GDPR. Of course, we want to help organizations avoid fines and other regulatory actions, but there’s more at work here.
User-centered design starts with a deep understanding of how people navigate digital systems and what they hope to achieve. It’s only natural for users to want their data protected and their privacy secured. We see GDPR as a framework to support our philosophy of user-centered system design.
-Varun Ganapathy, director/digital technology office UK/Europe