Lemons, silos and trust issues: How to turn GDPR into lemonade

lemon-juicer

If you attend any of the numerous seminars about GDPR (the EU’s General Data Protection Regulation) nowadays, you’ll notice that the new rules are taking quite some flak. Invariably, some CIOs or CEOs from companies big and small will lament the administrative burden yet another EU regulation puts on them.

Give me the place to stand, and I shall move the earth

It’s understandable why any company’s management would try to minimize the costs associated to legal compliance, but this ‘GDPR-as-a-burden camp’ largely misses the strategic opportunity GDPR embodies.

Seeing GDPR as an obstacle carries within itself what Karl Popper calls the ‘Oedipus effect’: the prediction influences the predicted event. In other words, when the board room carries out the message that GDPR is a purely bureaucratic burden, it will become a heavy burden. When management proclaims that GDPR is merely about compliance, it has the guarantee it will be nothing more than a cost center.

Another point of view would be to see GDPR as a lever. If mere compliance has the sour taste of a certain cost center, the ‘GDPR-as-a-lever camp’ understands that if life gives you lemons, making lemonade is the optimal strategy. This camp will seek to turn the unavoidable costs incurred for GDPR compliance into a strategic, value-creating investment. GDPR can be a lever to move a company towards a market-winning position. The key to this strategy is unlocking your data potential and earning your customers’ trust.

Unlocking siloed data

Big Data is the new oil: this reality has finally hit home within the global business community. Without going into the plethora of possible advantages here, it’s clear that Big Data and analytics are the basis for a host of new applications and new ways of doing business.

However, while the chatter about Big Data is nearly deafening, many companies as yet haven’t started actually using it. As Edd Wilder-James argues in a 2016 HBR article, data silos are the single biggest obstacle to unleashing the potential of Big Data. Legacy systems, vendor lock-in, internal power games — whatever the reason for the existence of data silos, they make it prohibitively costly to extract data. No data, no data analysis, no insight, no new business.

Since data subjects (i.e. “potential” customers) will have the right to ask what personal data a company holds and how the data is being used, any company will need to be able to know which data is stored where and for which purpose. A CIO with a long-term view should put this legal requirement to work to break down data silos. From this perspective, GDPR offers not only a lever, but a veritable crowbar to break through these data silos. It forces companies to actively manage data governance and overcome the scattering of data throughout the enterprise.

 Distrust and customer centricity

If Big Data is the new oil, then consumer trust is the barrel that holds it. Consumers have become more and more weary of providing companies with their personal data. They feel inundated with targeted ads and overflowing mailboxes, while news about data breaches, hacking and phishing adds to the general feeling of data insecurity.

At the same time, customer intimacy is the buzzword par excellence. In competitive markets, knowing your customer, understanding his or her needs, optimizing the customer journey for a personal experience and offering feedback loops are the strategic tools that can make a company stand out. It’s not a surprise then that many companies looking to get ahead of the competition are willing to invest big-time in customer-centric tools.

Thrust for trust

GDPR can be understood as the EU’s attempt to solve the paradox of rising consumer distrust with the drive towards ever greater customer intimacy: GDPR at its core demands transparency about data processing for consumers and regulators. As such, it’s an exercise to rebuild trust.

There is no intimacy without trust. Herein lies the strategic opportunity of GDPR. If you are serious about building true customer intimacy, trust is an essential building block. The value of Big Data on potential customers is nil if they think your company is untrustworthy.

Already at a basic level, GDPR compliance signals a certain trustworthiness, just like an ISO standard. Basic compliance demonstrates to your customer that you will treat their data with respect for their privacy. However, for those looking to truly engrain customer centricity in the DNA of their company, GDPR offers formidable leverage to instill trust as a value within their company’s culture — through training, processes and practice. Streamlined and transparent customer-centric processes are the infrastructure for winning a customer’s trust. GDPR as a value-building exercise only makes sense when it functions as the touchstone for those processes.

The new game

While it is true that GDPR also puts restraints on Big Data processing, such as where it concerns automatic profiling, GDPR’s objective is not to break the back of the Big Data industry as much as it is to provide curbstones, limits and a uniform framework. Those who will win the Big Data game in the future, are those who can think outside of the box, within the regulations. They are the ones who can acquire meaningful and qualitative data while respecting the regulations. For this, they have to break through their data silos and truly earn every customer’s trust.

Compliance requires proactive data management and protection. That’s why DXC’s GDPR Services integrate our advisory services, proven analytics and security solutions and legal advisory services to rapidly implement and even manage enterprise-wide GDPR programs. We’ve got a cross-disciplinary approach to help turn lemons into lemonade.


Simon Nichelson headshotSimon Nichelson is a public sector business analyst at DXC technology. He holds master degrees in European politics and policies, modern history and philosophy. You can follow him on Linkedin.

 

 

 

RELATED LINKS

The Impact of GDPR on the Public Sector

Getting the analytics right for GDPR compliance – and beyond

2 New Business Processes Key to GDPR Compliance

Trackbacks

  1. […] Lemons, silos and trust issues: How to turn GDPR into lemonade […]

    Like

  2. […] Lemons, silos and trust issues: How to turn GDPR into lemonade […]

    Like

  3. […] Lemons, silos and trust issues: How to turn GDPR into lemonade […]

    Like

  4. […] Lemons, silos and trust issues: How to turn GDPR into lemonade […]

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: