Ever wondered how you can take advantage of video marketing? Well, you came to the right place! There’s no denying that video content is key, but […]
On 25th May 2019 it will be a year since the General Data Protection Regulation has been legally enforced by the European Union with a vision to safeguard the data of the citizens of the European Union.
The regulation allows citizens full control over the acquisition, process, retention or omission of their personal data, which in turn gives them complete control on how & to what extent they want to disclose their data to the business companies.
According to the French data protection agency CNIL’s Mathias Moulin, May 2018 to May 2019 has been a transition year for GDPR where several national data protection regulators finalized their rules & approaches towards GDPR compliances & decided to probe into the probable violations.
GDPR has been highly impactful in terms of sensitizing the organizations & the common masses at large about the value of data as a currency, to be leveraged only with the consent of the individuals to whom it belongs.
However, GDPR certainly has some visible loopholes. The most obvious one being that the law somehow has failed to impose fines on companies that have failed to adequately protect the customers' data – except for a few well-known industry giants, where the violations were too grave to be forgiven including Google, Facebook & Uber.
The challenges with GDPR have always been immense, majorly because the law has been the only one of its kind ever since its inception. The pre-GDPR world already had moved very far & fast in the direction of improving personalization for the customers & to optimize their experiences deriving data from Internet of Things (IoT) was a common practice. GDPR came as a renaissance for the marketers and compelled them to review their data protection, acquisition, processing, retention, and omission strategies.
The marketers across the world have just started acclimatizing to GDPR as the fines from failing to abide by the regulation are hefty which can amount up to €20 million or 4% of the global turnover of the company in any particular fiscal, whichever is greater. Majority of the firms across the globe were GDPR-phobic when it was launched but have now started reporting data breaches.
According to Stephen Eckersley, the head of enforcement at the U.K. Information Commissioner's Office, the number of data breach reported in 2019 is expected to be approximately twice of those reported in 2018 (36,000 breaches expected in 2019, compared to roughly 18,000 to 20,000 reported in 2018).
The French Data Protection Authority, CNIL, fined the tech giant Google €50 million in January 2019 for violating the GDPR norms of obtaining consent that must be “granular, freely given, informed & must involve affirmative action”.
Google was fined because of its economic model that is dependent on ads & personalization. They violated GDPR guidelines “such as the data-processing purposes, the data storage periods or the categories of personal data used for the ads personalization”.
The penalty came as a result of complaints filed by two European pressure groups: None Of Your Business (NOYB) and La Quadrature du Net in May 2018.
The fine of €50 million, though largest till date, is still minimum for Google, as the maximum penalty would have been €4 billion if were calculated on the basis of the annual turnover of Google.
2. Chat app Knuddels fined €20,000 for Data Breach
In July 2018, the personal information of more than 3,30,000 users of the German social media platform Knuddels were hacked & compromised. The company discovered the breach in 2018 & reported the breach to the German Data Protection Authority, the State Commissioner for Data Protection and Freedom of Information Baden-Wuerttemberg (LfDI).
The accounts of all the impacted users were immediately shut down. In November, the LfDI issued a fine of €20,000. LfDI also discovered that the company stored the password in plain text. The fine was minimal considering that it could have been somewhere close to €10 million if the company would have been fined 4% of its annual revenue.
LfDI however, commended Knuddels for their "extreme co-operation" & the steps that they took afterwards to improve the data security of their users
3. Digital Marketing Company Bisnode levied
On April 1, 2019, the Sweden Headquartered Digital marketing Company Bisnode, which has a location in Poland, was fined €220,000 by the Polish Data Protection Authority, the national Personal Data Protection Office (UODO) for violating obligations under article 14 of GDPR.
The fine has been imposed as a result of the business model of the company which relies on the processing of the scraped data, which they utilize for insights without individually taking the consent of the data subjects.
In addition to the fine, the company must separately send an email to 6 million people within the next three months which will incur an additional cost of €8 million.
Bisnode though has said that it will push the controversial privacy penalty of the apex court of Europe & the final verdict may impact the privacy model of businesses across the globe.
4. Equifax Fined for failing to protect Personal Information
The Information Commissioner's Office fined Equifax LTD with £500,000 for failing to protect the personal information of 15 million UK citizens.
5. Denmark’s Taxi Company Taxa 4x35 for Retaining Customer Data Without Consent
A fine of 1.2 million kroner ($180,000) was imposed by Denmark's Data Protection Authority (DPA) on the taxi company Taxa 4x35 for not deleting customers’ telephone numbers.
6. Other Penalties
GDPR Implementation Challenges
a. Organizations need to hold themselves accountable for the secure processing of data throughout the customers’ buying cycle
b. Fines and Penalties are subjective and depend upon various factors including:
c. The organizations need to match up with the minimum transparency & information requirements to comply with GDPR.
d. The potential costs for Subject Assess Requests (SARs) & data portability has to be abided by the organizations.
e. Under Article 30 of GDPR, the organizations have to keep a track record of the data processing activities
f. The territorial limits of GDPR are blatantly defined & not clear in Article3 (2)
g. Mandatory Data Protection Impact Assessments are additional burdens for organizations
h. Articles 48 & 49 describing the cross-border data transfer are ambiguous
i. It still remains unclear how the European Data Protection Authorities will be able to impose fines against non-complaint nations
In a GDPR compliant age, it is mandatory for the companies to act in accordance with GDPR rules not only to avoid the hefty fines but also to captivate the trust of their customers, investors & marketplace at large. Though across the globe, GDPR is still a newbie that needs to metamorphose into full-fledged & implementation-based form & has many loopholes; abiding by its norms is not only the best possible form of prevention against the hackers but also ensures that marketers are safe from stressful & expensive penalties & their reputation is intact.
We, at Valasys Media, advise you to be on the safe side of the law and read in detail about how you can be GDPR Compliant. For more information feel free to contact us.
Social media channels are amongst the most effective channels for brands to deploy their pieces of content to attract, engage, convert and retain the existing customers, […]
In a competitive business world, only the companies that leverage the right data will come out on top. There is so much data flowing around the […]
A business never underestimates the importance of online research. You are aware that the success of your company depends on how well you grasp the basics […]
Data is the fuel that helps the revenue engine of B2B organizations to run as they should, and the best B2B businesses know that really well. […]
Utilizing social media to promote your products and services is a great investment, regardless of your business’ scale or resources – it simply pays off.
How the Best in Action CRM Solutions From Valasys Media Help You Synchronize & Sell More Efficient, Replicable, Personalized, and Secure – these are the ‘big […]
All businesses and individuals generate an abundance of data each day now. Whenever you order online, open an email, r interact with a mobile application, or […]
Databases are important tools for enterprise applications to store, manage, and retrieve valuable information. These are also critical in modern-day systems to build a solid e-commerce […]
Composing a productive description resembles trouble if you don’t possess the conventional knowledge for drafting it. Merely labeling your products is not adequate. One eCommerce research […]
Marketing automation solutions have become a must-have for modern B2B marketers particularly as the marketers are headed to explore new avenues alongside the dawn to the […]
Google, back in February 2021, announced the updated treatment of phrase match to include the broad match modifier traffic (BMM). Phrase match now will be able […]
The business sector is growing at a rapid rate in recent times. The expansion of the internet world opened up many new doors of innovation for […]
There are a lot of corporates that have adopted a data-driven approach for business decision-making. There is no doubt that quality data can improve business decisions […]
Efficient, Replicable, Personalized, and Secure – these are the ‘big deals’ enterprises look for in their CRM solution providers; and if you too are amongst the […]
Any marketing campaign is initiated with an objective and a described goal to achieve. Later, to track the progress of the campaign, proper metrics are also defined, precisely.
Lately, a lot of B2B companies are shifting towards cryptocurrency as a digital mode of transaction. The rising demand for cryptocurrency is attributed to its speed, […]