‘We should be proud of this new European standard’

GDPR: far more than a piece of inconvenient new legislation

Source: BNK Perspectives on Banking (20/12/2017)

The much-discussed European General Data Protection Regulation (GDPR) will come into force at the end of May 2018. This new data and privacy legislation is causing a fair amount of concern in the corporate world. Nonetheless, Jo Coutuer, chief data officer at BNP Paribas Fortis and Öykü Isik, professor of Data Privacy at Vlerick Business School, mainly see it as a source of opportunities: ‘Privacy by design will be the new standard, and this is a good thing.’

In the baseline scenario, companies will need to adapt the way they process their data to comply with this new European legislation by the middle of next year. So will there still be a huge gulf between this purely legal obligation and genuinely smart use of data?

Jo Coutuer: ‘I don't think it's quite that black and white. I think that the GDPR will be a good thing for all of us, and I mainly regard this new legislation as a kind of guiding principle and tool for companies. I'm convinced that the smart use of data will lead to a win-win situation for both the bank – or for other companies – and the consumer.’

‘The new legislation effectively summarises exactly what the smart use of data involves and means, even though ‘smart’ has been interpreted and implemented differently by everyone up to this point. Finally, we have some kind of benchmark. But to be honest with you: banks have been focusing on this area for quite some time already and our sector is well aware of the importance of respecting privacy.’

Öykü Isik: ‘Companies which are smart with their data will also build a stronger brand in the longer term. In the first instance, the GDPR naturally focuses on greater transparency and protecting the privacy of the user or client, but it is precisely here that a good opportunity for the corporate world can be found. Companies which do things the right way will automatically handle their clients' data in an ethical, open and transparent manner.’

With regard to respecting privacy as a kind of competitive advantage, what would happen if privacy no longer turned out to be an issue for the younger generation?

Öykü Isik: ‘I'm not convinced that will happen at all. Millennials also consider it very important to identify with the brands or companies of which they are fans or clients. Respect for privacy goes a long way towards determining the image of these brands. My research has shown that the younger generation also attach a kind of price to this: I'll give you my data, and so I expect something in return. In their view, the most important thing is for it to be a fair deal. In this respect, it therefore benefits companies to handle their data with great care and respect.’

Jo Coutuer: ‘The main thing used to be the product or service provided by a company, rather than the user experience. In the future, ethics and transparency will play an increasingly important role in determining how a company is perceived by the client.’

These days, the vast majority of consumers have no idea whatsoever of the nature and scope of the data which they make available to companies: will the GDPR manage to change this?

Öykü Isik: ‘I suspect that the GDPR isn't going spark off an instant revolution, but the new legislation could still change some aspects indirectly. If more and more companies start investing time and energy in increasing consumer awareness, as banks are also doing, a certain level of awareness might develop in the longer term.’

Jo Coutuer: ‘This is a perfect illustration of how and where politicians can genuinely offer added value. This new legislation sets the tone and therefore also creates new opportunities. As the European Union, we are now setting a new standard.’

Can banks also help to increase awareness among the general public?

Jo Coutuer: ‘Effectively, that is what will happen. In the first instance, this is because we reach a huge number of people and therefore have a major impact. In the second instance, precisely because of their activities, banks have already set the bar high: our regulations and standards for privacy and data processing are quite stringent which means we also set a kind of benchmark for companies from other sectors.’

From now on, consumers will also be able to demand the right to be ‘forgotten’ online. In view of the huge amount of data which has already been collected in recent years, isn't that going to be a huge challenge for most companies?

Jo Coutuer: ‘I think it will be easier to achieve greater transparency in respect of data processing and privacy than to simply forget people. Indeed, we are going to have to deal with almost 50 years of computer history, and that isn't going to happen overnight. As a result, we will have to think long and hard about how we can achieve this by design when we are introducing new systems. And how we can also introduce it into the existing systems in the longer term. But it's going to take some time.’

Öykü Isik: ‘It's an important principle, privacy by design. The intention is for it to become the new baseline, which requires a significant shift in attitude. The deadline for the introduction of the GDPR has now been set but nobody will be 100% ready by then, precisely because of this enduring legacy from the past. Is this a big problem? I don't think so: by that point, all the companies and organisations will need to have charted out a kind of road map which puts them on the right track.’

Jo Coutuer: ‘Large companies are slowly changing course, but they may well have to adjust the direction they are heading in a few times as a result of changes to the legislation.’

In Europe, should we be concerned about the competitive disadvantage that the stringent GDPR legislation gives us compared with the US or the Asian economic powers?

Öykü Isik: ‘When it comes to privacy, the mindset of American companies is very different to the European mindset. However, this is something which has developed over time. I see things the other way round, to be honest. In the longer term, I think it is mainly the US which will suffer a competitive disadvantage as a result. After all, the country will have to work so much harder to satisfy this new European standard, which in my eyes is absolutely the right path.’

Jo Coutuer: ‘I also think that Europe should be proud to have some kind of moral compass which offers the consumer better protection. A Chinese company which does business with European clients will also need to respect this legislation from now on. As a result, it doesn't really matter where a company is based. One thing is for sure, however: shareholders in the Chinese AliBaba, say, will be better off with their Chinese clients – for whom they will not need to respect these stringent data and privacy standards – than with European clients.’

Do you think that Europe might pave the way for a global shift with these new regulations?

Jo Coutuer: ‘I know several global players who are changing their internal approach because they don't want to lose their European clients. Whether this trend will continue to spread is anyone's guess, of course, but perhaps it will be cheaper in the long term to focus on achieving the highest standard. You could compare it with environmental legislation, which is getting more and more stringent: these days, it is gradually becoming a cost factor not to comply with these strict standards.’

Öykü Isik: ‘I'm on the same wavelength. Research has already shown that competitive advantages almost always end up becoming more widely accepted in the longer term, ending up as a kind of obligation.’

Related news

  1. What are the challenges for cryptoeconomics?

    Date: 25/09/2018
    Category: Opinions
    Hard rock, metal and punk. The organisers consciously chose this music to introduce the speakers at “Cryptoeconomics”, the first FinTech Futures session of the academic year. “In a sense, the people who study crypto or cybereconomics really are the hard rockers, the metalheads and punks of the FinTech community. They like to disrupt the status quo and the existing business models,” says Professor Bjorn Cumps, who hosted the event. The speakers demonstrated that blockchain technology and “crypto” or “cyber” have gradually penetrated across various sectors and are here to stay.
  2. Are machines threatening our jobs?

    Date: 13/09/2018
    Category: Opinions
    Today’s employees are confronted with the growing presence of technology in the workplace, in the form of artificial intelligence, machine learning and robotics. In addition to being used on shop floors, this intelligent technology also has an impact on highly-skilled white-collar workers. So, in that sense the story of the march of the robots is wrong. Because they have already taken their place among us. But how can employees ensure that they stay ahead of the digital curve?
All articles