GDPR: will the new data collection rules affect your NZ business?
If you operate a business which currently relies on personal data collection from overseas, then the new General Data Protection Regulation (GDPR) will have a resounding effect on your business. Knowing what the GDPR is and understanding the 7 core GDPR principles involved could mean the difference between a hefty lawsuit and a thriving online business in 2019!
What is the GDPR?
Basically, the GDPR is legislature to assist with online privacy. We all know that privacy is pretty much a fluid these days, thanks largely to online data mining and algorithms used to track online behaviour. This is something that many millennials have simply accepted as par for the course: however, Generation Z isn’t taking it so well. The result? General Data Protection Regulation. With this new legislation – coming into effect throughout Europe – any personal data derived from the internet will need to be collected according to a very specific set of rules, using an ‘opt-in’ model for data collection. Gone are the days of tracking and analysing online movements; very soon, internet users (in Europe, at least) will be free from remarketing and targeted advertising UNLESS they opt-in.
GDPR & the California Consumer Privacy Act: it’s all coming together
The USA may be following suit, with the California Consumer Privacy Act to be decided by ballot in November 2018. While Google isn’t in favour of the Act, calling it ‘vague and unworkable, Facebook is not in opposition. Of course, after the Cambridge Analytica fiasco which saw data from millions of Facebook users being accessed without their consent, this doesn’t come as much of a surprise!
What does the GDPR mean for NZ businesses?
If you’re currently operating a business in NZ which requires the use of data collected from private or corporate internet users in the EU, then you’ll need to be completely up with the play on how the GDPR works. Basically, the GDPR sets out 7 core principles with regards to the collection of private data:
- Lawfulness, fairness and transparency
- Purpose limitation
- Data minimisation
- Storage limitation
- Integrity and confidentiality (security)
The data you collect will need to be proven to have been collected while following these principles: otherwise, you could face a fine of up to 20 million Euro, or 4% of your total worldwide annual turnover – whichever is higher. It really does pay to know your online privacy laws!
It’s our job at LWM to know what’s happening with online marketing:
For more information then check out the following articles