A few weeks ago, Google revealed that UK users could lose EU GDPR data protections, because now the UK has left the European Union, the company intends to store its data in the US. With the second anniversary of GDPR approaching, one might wonder if such a story constitutes Britain saying ‘RIP GDPR protection’ before we’ve even had chance to blow out the candles on its second birthday cake. But like so many things Brexit-related, is this just a typically sensationalist headline? Or could the news constitute a major blow to consumer data protection in the UK?
As with many things the answer probably lies somewhere in the middle. Is it true that Brits may no longer be protected by GDPR when companies are headquartered in the US? Perhaps. But does this mean their data is in peril as a result? Almost definitely not.
It’s not just about regulations
Over the past few years, the importance of ‘doing the right thing’ with customer data has been ingrained into most businesses as they aspire to be trusted by consumers – trust is, after all, a direct driver of brand preference.
Any company worth its salt knows in 2020 that data breaches mean fines from regulators, and yes GDPR has been key in implementing such punishments. But the reputational damage which can result in a loss of customers and, consequently, the loss of valuable data is perhaps even more feared than fines.
The loss of customers can be devastating to business for obvious reasons, but the associated loss of access to data can be just as damaging. After all, data is not just a potential accident waiting to happen, but a powerful asset for business of all shapes and sizes.
In a digitally driven future, data is vital to both power and protect organisations and the people they serve. ‘Information intelligent’ brands will become a force to be reckoned with because they understand how to unlock the power of data to delight their customers, while also defending their privacy and interests.
According to the Ponemon Institute, the impact of a data breach on a company’s finances, brand and customer trust can be huge. For a start, companies who experience a data breach see an average stock price decline of 5% immediately following the disclosure of their breach.
Companies are less likely to see a long-term decline in value after a breach if they have created a strong security posture through investments in people, process and technologies. And remember the old adage – ‘it’s not what happens, it’s how you deal with it’ – well if brands react quickly and positively, consumers are more likely to forgive and forget.
So even if, in some cases at least, us Brits are waving goodbye to the formalities of GDPR protection – we need not fear an impending doom of data privacy chaos. The emphasis on keeping customer data safe and investing in data governance won’t go away for businesses post Brexit, post GDPR or indeed, when Google sends our data for storage in the US. Data is simply too powerful an asset for any business to wilfully take that risk – and the most successful will not only continue to invest in minimising the risks of data, but also in exploiting its value with respect for its customers in mind.
Stay in the loop
Sign up for news, opinion and useful resources on data governance