GDPR: The Y2K of Digital Marketing?

Remember the great Y2K scare of the late 1990s? Civilization was going to grind to a halt at 12:01 a.m. on January 1, 2000, as computers programmed to only recognize a two-digit year reset themselves to 1900 and crashed. Otherwise rational people were hoarding freeze-dried food and making plans to hide in the woods on New Year’s Eve 1999.

The European Union’s General Data Protection Regulation (GDPR), due to take full effect in May 2018, could be the digital marketing equivalent of Y2K – in a good way.

The GDPR applies to all companies that do business in Europe, and so affects virtually all large enterprises worldwide. There are extensive new rights for consumers regarding data protection and an individual’s right to control how their personal data is used. (Note that, in the European context, personal data goes beyond what you might understand to be personally identifiable information) And there are serious penalties for non-compliance, with fines that can run into the millions of dollars.

To help understand how the GDPR affects your digital marketing strategy and where Customer Identity and Access Management (CIAM) can play a role in achieving compliance, Gigya has commissioned an in-depth white paper from KuppingerCole, a global research firm specializing in information security and identity and access management. The white paper, “GDPR and Implications for Consumer Identity Management,” is available now at http://www.gigya.com/resource/whitepaper/compliance-gdpr-consumer-identity-management/.

“The days of (organizations) creating independent solutions that manage their own identities, implement their own approach to customer journeys, and exist in isolation from other systems are long past. Customer identities are too important for businesses in the Digital Age, and from a regulatory viewpoint — in the light of the upcoming EU GDPR – the need for a unified, standardized Customer Identity Management infrastructure is no longer just an optional and attractive approach, but a necessary one,” the white paper says.

KuppingerCole GDPR Whitepaper

In short, KuppingerCole declares, “Rely on platforms, not coding.”

So what does this have to do with Y2K? The disasters predicted in the late 1990s never happened, but not because the fear was unjustified. Rather, organizations around the world responded before the year 2000 with massive IT upgrades to root out Y2K bugs.

All this effort had an unintended and very positive consequence. The investment in new infrastructure and business processes to prevent Y2K failures unleashed a productivity surge that was a foundation for economic gains in the 2000s.

The GDPR offers the same potential benefit. Organizations will be forced to move away from do-it-yourself CIAM solutions, as well as employee-facing Identity and Access Management platforms unsuited for tracking personal data. By adopting purpose-built CIAM platforms, these organizations will have new opportunities to build trusted relationships that turn unknown online visitors into known customers – deepening and extending the impact of their marketing and sales programs.

I look forward to participating in the global discussion on the GDPR’s impact. I encourage you to read the KuppingerCole white paper and to join a webinar on November 10 that Gigya is hosting with Dr. Karsten Kinast, an expert in European data privacy laws and co-author of the white paper.

By Jason Rose