Data-driven transformations—in which companies apply sophisticated data analytics to all aspects of their operations, from R&D to manufacturing to supply chain to marketing to sales—are a potentially game-changing phenomenon, promising massive gains for successful companies. Mas as preocupações com o uso indevido de dados levaram a vários esforços para regular o manuseio de dados compartilhados. O GDPR entrará em vigor em maio de 2018 e se aplicará a praticamente todas as empresas ou organização que lida com dados sobre cidadãos da UE. O novo regulamento exige que o consentimento do consumidor seja explícito e estipula que os consumidores tenham o "direito de ser esquecido" e o "direito à portabilidade de dados" - direitos que tornam as empresas mais responsáveis pela forma como processam dados pessoais em "privacidade por design" e "privacidade por padrão". Para aplicar essas mudanças, o GDPR fornece ao poder regulador que cobre sanções financeiras de até 4% da receita mundial anual de uma empresa ou 20 milhões de euros - o que é maior.
In the EU, one major regulatory effort in this area is the General Data Protection Regulation (GDPR), which sets detailed standards for appropriate use by companies of consumer data. The GDPR will come into force in May 2018 and will apply to virtually every company or organization that handles data on citizens of the EU. The new regulation requires that consumer consent be explicit, and it stipulates that consumers have the “right to be forgotten” and the “right to data portability”—rights that make companies more accountable for how they process personal data under “privacy by design” and “privacy by default” principles. To enforce these changes, the GDPR gives the regulator power to levy financial sanctions of up to 4% of a company’s annual worldwide revenue or €20 million—whichever is higher.
O Boston Consulting Group e o escritório de advocacia global DLA Piper colaboraram para produzir um novo relatório, Aproveitando o GDPR para se tornar um mordomo de dados confiável, that examines key features of the new regulation, considers the readiness of companies to meet its provisions, and (perhaps most significantly) inquires into a mismatch between what many companies imagine to be the sources of consumer mistrust over data use and consumers’ actual concerns.
BCG conducted research in five European countries—France, Germany, Italy, Spain, and the UK—and in the US to test consumer confidence about data privacy. The research showed that consumers are increasingly uneasy about sharing personal data, whether it be financial, familial, locational, or use based. Moreover, the research indicated that certain industries, including, notably, online companies, financial companies, and governments, are especially suspect in consumers’ eyes.
But the biggest surprise may be that BCG’s research uncovered a counterproductive tendency by many companies to collect and use customer data in “recklessly conservative” ways. On one hand, they avoid using data in ways that consumers are least hostile to; and on the other, they fail to inform consumers about or ask their permission for data use, even though consumers clearly want those things.
The BCG/DLA Piper report outlines a straightforward process by which companies can move swiftly from simple compliance with the GDPR to smart compliance with it, and from there to trusted data stewardship in the eyes of their customers. And the benefits of consumer trust can be very large: BCG research shows that consumers are at least five times as likely to share data with a company they trust as with one they do not.
