Privacy Over Profit, Or, Profit Over Privacy?
It is daunting when one considers the substantial administrative fines that can be imposed for breaching certain provisions of the recently enacted EU General Data Protection Regulation (GDPR).
You will find considerable commentary and earnest opinion about these administrative fines that can, will or could be levied on organisations which are deemed by relevant Supervisory Authorities to be non-compliant with the legislation. What many organisations may overlook, however, is the detrimental impact that infringements resulting in data breaches or incidents will actually have on their reputation.
In instances where an organisation fails to adhere with the compliance requirements of GDPR, and is unlucky enough to be found out, the resulting impact is, increasingly, played out in the public sphere with customers, shareholders and regulators weighing in, often to the detriment of business activity.
A recent example of such an incident was the reputational damage sustained by Facebook in the fallout from the Cambridge Analytica scandal when millions of users’ personal data was compromised.
The aftermath, both immediate and long-term, has been devastating in that users retreat from using the social media platform as a reaction to the inescapable fact that Facebook has failed in its duty to safeguard their information (to ‘protect their data’) and for not being transparent about the way in which user data was harvested by bad actors. The resulting damage to operational use and consequent collapse in share price is unprecedented in the 21st Century.
Trust is imperative to operations in the digital economy and, honestly, without trust a business will founder, irrespective of size or sector. A GDPR violation, and consequent sanctions, has the potential to reverse years of hard won and developed brand and customer trust.
Ultimately, compliance with the GDPR will help an organisation to strengthen credibility as well as gaining deeper trust with clients, customers, supporters and employees. Those organisations that match words with action under the Regulation will find, going forward, that they’ve created a basis for a much deeper level of trust and confidence.