• by Sean Hargrave , Staff Writer, May 16, 2018

First off, we have an article in The Guardian pointing out the very obvious issue that Facebook is going to face from May 25th if it intends to continue allowing advertisers to target audiences through political and religious views or sexual orientation. I will lay you a bet now that an investigative reporter will be poised on May 25th to book a campaign that speaks to lesbian Catholics who vote for Labour, just to raise a doubt over Facebook's GDPR compliance. Give it ten days and we'll see whether I'm right.

Then we have one of those pieces of research that appears to say all the right things to scare a marketer but lacks the angle that matters -- real life compared to a marketing survey.

The 2018 Veritas Global Data Privacy Consumer Study is reported on in Netimperative today and reveals all the usual findings detailing how anxious the public are about privacy and what steps we will take to punish brands that do not protect our data. 

The headline stats indicate that 39% of Brits do not trust brands to protect our data, and half of us will abandon a brand that let us down on data privacy. A further three in four will then go on to switch to a rival of that brand and report the original brand to a regulator.

This is all timed, of course, to coincide with GDPR, and to ram home the point that Brits expect their data privacy to be taken seriously.

I hate to be the fly in the ointment but let's be clear -- GDPR changes little with a citizen's data rights. The huge new change is obviously the higher bar for consent, and the necessity for this to be given for processing sensitive information such as sexuality and religion. The right to have data portability is also new, allowing people to move their data to another provider of a service, if they see fit. 

However, the rights to see what a company has stored on us, to ask for it to be rectified, the right to object to it being used for marketing and so on. All of these are right we have all had under the existing Data Protect Act. 

The stance the research takes that we now have new powers that we are all ready to stringently defend just doesn't wash with me, I'm afraid. I would suggest that the average person in the street has not heard of GDPR. They may have an inkling that data protection is about to change but they have very little idea how -- although they are fully aware that companies keep on emailing and begging them to click to remain in contact.

I simply don't believe that the data rights are that much more stringent and that people are ready to defend these rights. Marketers need to ask themselves if they are already snowed under by consumers asking for clarification or rectification of the data held on them. These rights already exist, but barely anyone knows about them -- so virtually no one exercises them. 

The word "protect" is the key here. GDPR places the onus on brands telling the ICO if they have had a breach and then the watchdog decides whether the public needs to be warned. Previously, brands could get away with not reporting a breach or not telling consumers because it was more of a grey area where they could decide.

GDPR is very clear. Breaches must be reported within 48 hours of discovery -- and then, if the ICO decides, they must be revealed publicly.

It's here we're going to see people upset about data protection. Emails from brands you don't remember allowing to get in contact are one thing, and an email address or credit card details falling in to hackers' hands is quite another. This is where we will see people switch brands and this is where we will see the massive fines the ICO can levy under GDPR.

As for data your supermarket holds on you, or maybe your favourite fashion store, I really don't see this being any more of an issue after May 25th than it was before. But data breaches and huge fines. That's where the fireworks are, that is where people will decide a brand is no longer trustworthy.