Member Viewpoint: Smartpipe Solutions discuss GDPR
Posted on: Tuesday 01 May 2018 | Chad Wollen
Chad Wollen, Chief Marketing Officer at Smartpipe Solutions answers some key questions on GDPR ahead of 25 May.
1. What's your main priority right now in the run up to 25 May?
There are five things which we are focused on:
DPIA. As a "Data Processor" we are not obliged to conduct a DPIA, but doing it has been incredibly useful, especially using a third party to conduct it.
DPO. Who your DPO is and how they are sourced is a big deal with many future ramifications. This is not a trivial matter, we are thinking hard about our options.
Contracts. Transitioning is a lot of work, especially maintaining the cascade from Controller-Processor-Sub Processor.
Governance. Setting up mechanisms to ensure the spike in compliance activity is embedded into "business as usual" processes is critical.
Culture. Compliance is already yesterday's story. We have to build an industry which recognises this is about digital, data ethics and sustainability.
2. What's the biggest obstacle you're currently facing?
Time. We got a good head start, but the further you push into the weeds the more you need to do. Maybe this is because we are setting the bar very high, or maybe the GDPR is a recursive spiral.
3. What has been your biggest learning over the last two years when it comes to GDPR implementation?
There are five things that have crystallised for us:
Respecting and aligning with the existing laws - the directives - means so much less stress and worry when tackling the GDPR.
Much of what the GDPR is requiring us to do is already a matter of good data governance and management.
The onus is now on the industry to demonstrate compliance. This means that one has to change the culture not just the technology.
US law vs EU law - embracing the differences rather than taking a fight or flight attitude has been valuable.
Any resistance to the GDPR from the industry is self-defeating. Accepting the changes lets you focus on innovation and competitive advantage, and also lets you embrace and encourage consumers to take control.
4. How has the GDPR changed your company culture around data protection?
I think it has shaken our complacency. We are a business which is proud of its data protection credentials and that we have taken the innovation "high road". The GDPR has caused us to put everything under the microscope.
We are now creating a privacy culture which is focused on continuous improvement and always being able to do better. No resting on one's laurels.
5. From your POV, what does/will the GDPR mean for our industry?
It means massive transformation. What is causing the industry a GDPR headache is that the features of our technologies have suddenly become privacy "bugs".
Moving from a default "On" to "Off" with consent is a huge change.
This, coupled with the extended data supply chain of third parties, means some parts of the Lumascape will struggle to survive - the cost of compliance is too great for them to retool and consumers will just never say yes to a long list of vendors.
There will emerge a new sort of industry, one which has a different set of priorities and values.
Marketing in a Crisis - Unlocking Value
Bionic CEO, Brendan Hughes, delves into what effect the current ‘lockdown’ is having on marketing spend and how marketers can reorient themselves in the...Learn more
Ads for the players: getting in-game experiences right
How can in-game advertisers ensure that ads don’t just work for their environment, but fully integrate within it? Bidstack’s CEO James Draper takes a...Learn more
Trusted news needs you: back don’t block British journalism
Today the media industry’s trade bodies have joined forces to help support trusted news brands during this unprecedented COVID-19 crisis.Learn more
What cancelled events means for esports
With the COVID-19 outbreak leading to the cancellation of many gaming events, how are esports faring? Venatus Media’s Marketing Manager Kitty Bartholomew...Learn more