Who’s the enemy and what are they plotting?
The enemy this time comes in the form of European Commission Vice President, Vivian Reding. She’s sticking the EU’s nose where it doesn’t belong yet again by trying to push through plans to create a single European General Data Protection Act. She’s doing this even though the UK already has a very affective opt-out policy that is fit for purpose via the TPS.The proposal is made up of two EU documents; the Regulation and the Directive. They plan for these legally binding documents to overthrow current UK regulation (the 1995 Data Protection Directive) which was implemented into UK law via the Data Protection Act 1998 (DPA).
These changes are expected to be enforced by 2015.
Some of the proposed changes would include:
- A much (close to impossible) higher standard of consent
- Re-opting in all data subjects every 6 months
- Abolishment of Subject Access Request fees
- Mandatory appointment of a Data Protection Officer
- More severe fines and penalties for non-compliance
- IP addresses will be classed as private
How are these changes going to cripple your business and affect our society?
If the EU get their way and enforce these changes there are going to be significant impacts on UK business with catastrophic effects on the data industry specifically. If these changes go through, the MoJ estimates that costs to business are going to increase by up to £320 million. This is going to come from things such as the requirement of the Data Protection Officer which will probably cost your business around £64,000 a year before the additional expenditure of new staff training and assessment costs.
The abolishment of Subject Access Request fees are going to encourage fictitious and unnecessary requests which is going to cost your company valuable time and money. The MoJ estimate an increase in requests of up to 40%.
If all of that hasn’t crippled you enough already then the new non-compliance fine of up to $1,000,000 or 5% of global annual turnover will definitely finish you off. The lack of clarity surrounding the new regulations as well as the strict guidelines that leave no room for human error, will undoubtedly damage the UK data industry and destroy small businesses.
If you hope to pay those increased costs then you had better have a second revenue stream somewhere to make up the deficit. The new regulation is going to bring about a loss in revenue thanks to an inability to market to your existing customers. Yes, you heard right; all that data you have worked so hard to acquire will become next to useless to you. If you want to use your existing customer data then you will have to shell out yet more money in order to re-formulate your database.
All of these changes are going to put a significant number of people out of work as their companies go under from this new, far stricter regulation. This is going to increase unemployment (yet again) and put yet more strain on our already overtaxed welfare system.
What industries are being targeted?
Does any aspect of your industry rely on the use of data in some form or another? If so then chances are they are targeting you.
If you’re not included on the opposite list then don’t breathe a sigh of relief just yet. If you’re looking to promote your product or service to a targeted market at any point in the future then they are aiming these new changes at you as well.
The key industries that are going to be most affected are:
- Outbound call centres
- Data brokers
- Direct marketing
- Digital advertising
- Data services
- E-commerce retailers
- Charities and other membership organisations
- Utility companies
Changes to direct marketing regulation & the hidden costs
Whilst some elements of the EU reforms targeted at online data collection and profiling clearly need to be updated, the current direct marketing industry regulation is effective and works to protect customers from harm or abuse.
Moving the industry from a well managed opt-out model of regulation to a new opt in regulation will have a massive direct cost and render the direct marketing industry impotent for a long period of time. Many established marketing methods will not recover.
Hidden costs, job losses and moving the industry to unregulated territories
Compared to other countries, the EU already has some of the strongest data protection laws in place. Each time the regulations are tightened the results are the same; companies move outside of the EU.
What’s so bad about companies moving outside EU? Well, putting aside the fact that any jobs leaving the UK is hugely detrimental to the our economy and job market, it also moves the data industry outside of any kind of regulation whatsoever.
Places like India and Africa have very little regulation, if any at all, so they are going to be more harmful to customers than any responsible UK company would. No doubt you have had annoying sales calls to your home, even if you’re on the TPS. This is almost certainly because all the companies that call you are operating from outside the EU. There is nothing that can be done to stop this. Companies calling from outside the EU often don’t even present a phone number so it is difficult to identify these companies.
Our EU regulators rarely, if ever, take any enforcement action on companies operating outside the EU. They only seem to be interested in targeting and penalizing responsible companies operating within the law in Europe.
There is no better proof that Vivian Redding and the EU commission haven’t thought through their proposals, unless of course it is their goal to weaken EU economies and strengthen third world economies like India and Africa.