Ahead of the new General Data Protection Regulation (GDPR) taking effect in May 2018, new research reveals 62% of UK consumers want stricter rules surrounding data collected about people’s online behaviour (sites they visit, ads they click and purchases they make).
The same percentage also want stricter rules related to data shared between companies according to the survey of 1,000 UK consumers conducted by UNICOM Global’s Macro 4 division in partnership with MaruUsurv, the online survey company. And 31% want companies to provide discounts, special offers and other incentives in exchange for their personal information
The GDPR – which aims to increase transparency about the collection and processing of personal information by all organisations – addresses the public’s concerns related to online behaviour tracking by classifying online identifiers such as cookies and computer IP addresses as personal information. Online retailers, marketers and advertisers who collect online data need to be ready to explain exactly how they are using this kind of information and to respond to customer queries about it.
CHECK OUT AIMM’s THOUGHTS ON GDPR
Under the new regulations, consumers will have the right to request free access to all the personal information any organisation is holding about them, and the Macro 4 survey suggests that the number of such requests could be significant.
Around half (52%) of the UK consumers polled would make a data access request if they suspected their personal information was being held without their consent; 39% would consider doing it just because they are curious to see what data companies are holding about them; and 26% would make a request if there was a chance of compensation – which is possible if the rules were not being followed or their privacy was being breached, for example. 17% would make a request in order to ‘get back’ at companies who had given them a negative experience.
GDPR requests pose a challenge because personal data now includes so many different types of information and because it is difficult to predict just how many requests to prepare for, explained Lynda Kershaw, Marketing Manager at Macro 4, an IT provider
“Personal information can be anything that is identifiable to an individual: everything from contact details, date of birth and credit card numbers, to information within emails and social media conversations, letters, bills and policy documents and even behavioural tracking data. Much of this is unstructured information held in separate systems controlled by different business departments and cannot be pulled together at the snap of your fingers.”
While tough financial penalties are expected for failing to comply with the GDPR, experts believe companies should also be concerned about compensation litigation, which could mimic the activity that has grown around Payment Protection Insurance (PPI) compensation pay-outs. Potentially hundreds or thousands of individuals could be brought together by law firms to mount ‘no-win, no-fee’ class actions against organisations who have not adhered to the new data privacy regulation.
The Macro 4 research also finds that 42% of consumers find it difficult to keep track of personal information they have consented to organisations collecting, while 41% would be more likely to use a company that made it easier to understand what personal information they are holding and how it will be used.
For more background on the survey results download Macro 4’s accompanying report ‘The GDPR: what consumers think’
A short guide to the GDPR is available here