The EU’s General Data Protection Regulation (GDPR) is just under one year away and expands the rights of EU citizens around privacy and protection of personal data.
Among other things, it requires that companies maintain adequate data records, disclose data breaches and increase opt-out options. Heavy fines are on the table for companies that do not comply.
The MEF asked their members and experts from the wider mobile, legal and data industries to give their thoughts on GDPR readiness, asking are companies ready, what platforms can help and whether there’s an opportunity for businesses to get closer to consumers?
Here’s what Rob Malcolm, VP Marketing & Online Sales at CLX Communications said…
“In mobile communications, personal data inhabits a complex value chain that includes network operators, aggregators of services and their customers. Mobile marketers, banks, brands, even governments, all have a relationship with personal data.
Our larger customers have already started to include terms and conditions in their contracts to cover GDPR requirements. One of the requirements is that the controller (our customer) will require a binding obligation from the processor (us and our sub-suppliers) to fulfil certain issues.
As a consequence, Tier 1 providers (like CLX) who primarily use MNO’s as sub-suppliers will find it easier to comply to GDPR. Moreover, global mobile service providers like CLX have previously embraced privacy and regulation, albeit fragmented at the country level. It has long since been a business fundamental.”
The key question is whether GDPR compliance will:
- drive all SMS companies to seek Tier 1 connections.
- drive all enterprises to only work with Tier 1 providers.
Given the substantial fines of 20M Euro or 4 per cent of global turnover, our customers’ appetite for risk is likely to be low. The other question is whether MNO’s are ready for GDPR?
First published on the MEF website.