It Is Time To Respect Data Privacy in EU – Ready?

Digital enterprises need to make the most of every resource to serve their customers. Where there are functional silos, fragmented customer profiles or technology debt that is limited to on-premise deployment, customer-centric relationships become impossible to cultivate much less maintain. In other words, these elements comprise friction for digital brands.

It is not enough to digitize operational systems; instead, the focus must be on unifying the customer experience throughout the entire lifecycle. This applies to all personnel at every level, including not only your sales teams but all employees – to remove the friction to achieve digital agility, maximize their ability to contribute and deliver an optimized customer experience.

An optimized customer experience must go beyond simply personalizing content, making geolocational offers or unifying fragmented systems. Instead, it is vital to make sure that your customer and your organization are both aware of the customer data that’s being collected across all touchpoints, regions and departments. Even more, your customer should be able to determine their preferences for how their data is collected and used as well as when it is deleted. (See examples where this was not the case.)

In fact, this is the core of the authentic customer relationship for any digital business today – to build trusted relationships that stand the test of time through frictionless, customer-centric delivery on their brand promise.   

Even more, the evolution of legislation is mandating that enterprises be customer-centric in terms of data privacy by providing standards and rules for being transparent with customer data collection and usage protocols. In 1995, the Data Protection Directive was put in place to regulate the processing of personal data within the European Union; it remains an important component of EU privacy and human rights law today. The Data Protection Act of 1998 defines UK law on the processing of data on identifiable living people. It is the main piece of legislation that governs the protection of personal data in the UK.

Most recently, the European Union’s General Data Protection Regulation (GDPR) obtained final approval in April 2016. Despite Brexit, U.K. businesses will face more and more tightened legislation on privacy; it is the trend in the free world.This means that:

• National watchdogs can issue fines, potentially totaling the equivalent of hundreds of millions of dollars, if companies misuse people’s online data, including obtaining information without their consent.

• Formalizing the right to be forgotten into European law, giving people the right to ask that companies remove data about them that is either no longer relevant or out of date.

• Requiring companies to inform national regulators within 72 hours of any reported data breach (this goes significantly further than what is currently demanded by American authorities).

• Obliging anyone under 16 to obtain parental consent before using services like Facebook, Snapchat and Instagram, unless any national government lowers the age limit to 13.

• Extending the new rules to any company that has customers in the region, even if the company is based outside the European Union.

The GDPR will be enforced after a two-year transition, beginning on May 25, 2018, replacing the national laws and regulations based on the 1995 EU Data Protection Directive and reaching companies that target EU consumers from outside the EU.

This all poses questions for enterprises as to how their brand image and customer loyalty could be affected. The target is for enterprises to be frictionless in their ability to respond to their customers as their priority WITH customer data privacy being at the core of all systems, touchpoints and workflows.

Legislation should not be the only reason your enterprise addresses customer data privacy. To sustain an irrefutable competitive edge through customer loyalty over time, the entire enterprise must be frictionless in meeting the needs and expectations of their customers – with respect, trust and transparency.  

Jahia is more than a content management system to help building digital experiences. We also foresaw the need for customer data privacy and, as a result, co-led a project to develop the Context Server Standard with the Oasis Foundation. The next step was to create a reference implementation project that became accepted by the Apache Software Foundation, called the Apache Unomi Project. This implementation project offers organizations the open source code to manage user data efficiently with multi-system interoperability while giving organizations the means to protect  customer data privacy. The net result is that enterprises can address customer data privacy with digital agility now.

About the Author:

Stéphane Monier, VP of Business Development EMEA, joined Jahia in 2007 and is responsible for anticipating internet technology trends to address the needs of Jahia’s customers and partners, delivering global solutions and creating long-term value for all parties involved. He is focused on customer satisfaction and is known for his passion for technology and what it can do for customers.