Ever since the UK left the EU, data protection has been a hot topic. On the one side government officials on one side argue that current rules are unnecessarily restrictive, while on the other privacy campaigners maintain that any changes to legislation could make it harder for organisations to do business with EU partners.
The solution to this conflict may lie in reinterpreting how we think about GDPR, rather than revising the regulations themselves. The UK’s Data and Marketing Association has suggested that GDPR codes of conduct could be a way to clarify the rules without having to water them down. We’re joined this week by DMA CEO Chris Combemale to discuss this idea, as well as the potential impact the government’s proposed changes to UK data protection laws could have on businesses.
Highlights
“When GDPR came into force, one of the main objectives … was turning the previous data protection legislation from 1998 from a directive, which gave each country the opportunity to have some flexibility, to a regulation, which theoretically means less flexibility nationally ... but in actual fact, every Data Protection Authority across the remaining 27 countries of the EU is interpreting and applying GDPR in a different way. And that is creating huge inconsistency and confusion. So one of the things we're doing [is] trying to create a network of national codes of conduct that harmonise the interpretation in the ways we think are consistent.”
“If you have customers that no longer want to do business with you, for whatever the reason, it's not actually efficient for that company to continue to communicate with you. It's not a productive use of resources, and what companies are trying to do when they're collecting insight about their customers, and understanding what their customers buy, they're trying to find those customers that really do want to have a long term relationship and do want to buy from you frequently and do want to benefit from the things loyalty offers. And that's where companies want to invest their money, because that's what's profitable. So philosophically, then, there is no contradiction between what GDPR asks and what companies are trying to do.”
Read the full transcript here.
Footnotes
- What is GDPR? Everything you need to know, from requirements to fines
- GDPR turns three: The biggest fines so far
- The IT Pro Podcast: Happy birthday GDPR
- DCMS lifts the lid on UK GDPR reforms, including ICO restructure
- Irish data regulator fails to resolve 98% of big tech GDPR cases
- The IT Pro Podcast: Navigating Brexit data transfers
- Footballers seek compensation for "GDPR violating" performance data trading
- Seven steps to GDPR compliance
- Amazon faces £637 million fine over GDPR violations
- Data protection policies and procedures
- Nine top GDPR tips for email marketing strategies
- What are the responsibilities of a data controller?
- Three key steps to delivering data-driven marketing
- How to build an effective marketing strategy with the cloud
- The rise of consent and preference management
Subscribe
-
Meta just revived plans to train AI models using European user dataNews Meta has confirmed plans to train AI models using European users’ public content and conversations with its Meta AI chatbot.
-
AI is helping bad bots take over the internetNews Automated bot traffic has surpassed human activity for the first time in a decade, according to Imperva
-
The new era of cyber threatsITPro Podcast With AI-powered attacks and state-backed groups, security teams face face a new wave of sophisticated threats
-
Supply chain scares and Google’s AI codeITPro Podcast As the ransomware attack on Blue Yonder disrupts a wide range of firms, Google moves to lead by example on internal AI code
-
Halloween special: Cybersecurity horror storiesPodcast Join us for three terrifying tales sure to chill any IT professional to the core
-
Securing your business with education and trainingITPro Podcast Keeping your workforce updated on the latest threats requires a cohesive cyber skills strategy
-
Cracking open insider threatsITPro Podcast Leaders need to perform strict identity measures on would-be hires – and ensure employees who leave have access promptly removed
-
Protecting the public sector from hackersITPro Podcast With the public sector facing increasingly sophisticated threat actors, leaders need centralized security plans and better communication
-
How cyber attacks damage mental healthITPro Podcast As staff struggle to cope in the immediate aftermath of a cyber incident, leaders must do more to foster a culture of support
-
LockBit leader revealed: What it means for ransomwareITPro Podcast With LockBit's founder having been unveiled publicly and with international law enforcement still digging into detailed attack stats, the group is on high alert
