GUEST COMMENT Do businesses need to put Brexit aside and start focusing on GDPR?
When the Prime Minister invoked Article 50 and officially started the UK’s withdrawal from the EU single market, UK businesses braced themselves for change. However, with the EU General Data Protection Regulations (GDPR) coming into force in May 2018 and the rapid adoption of Artificial Intelligence (AI) transforming business models, is Brexit really what UK business leaders should be focused on?
Political and economic uncertainty
Now that Article 50 has been triggered, the country has two years to negotiate an exit deal which will be lengthy and complicated, bringing with it political and economic uncertainty. Given the difficulty in predicting the economic impact of diverse global political decision making – from relations between the US, Russia and China to forthcoming elections in France and Germany – it is no wonder that businesses remain somewhat obsessed with Brexit.
The question is, however: whether Brexit is the most significant business issue of 2017. The timeline for the Brexit negotiation is two years - and the terms of our exit will to and fro over that time. Clearly, business leaders should keep an eye on the exit terms being deliberated by Government, but these negotiations should not become a distraction.
In fact, one of the biggest issues facing businesses of every size this year is EU related – but it is not Brexit. The General Data Protection Regulation (GDPR) is set to come into force on 25 May 2018 and organisations will need to work hard over the next 12 months to ensure they are ready.
The AI Generation
The speed with which AI is being adopted in business has increased rapidly in recent months, with organisations now actively looking to develop and deploy technology such as chatbots to replace human contact centres. AI’s self-learning capabilities and ability to make sense of huge data volumes certainly open up new business opportunities.
At the simplest level, chatbots will replace call centres, using the information provided by a customer’s style and responses to make accurate assumptions about what is required – enabling companies to radically cut the costs associated with both onshore and offshore services.
More complex AI solutions will be used in areas such as affiliate marketing to quickly understand data patterns and historic activity to make incredibly accurate predictions of customer demand. Not only will AI enable performance marketing to match people to the items they want – from trainers to electrical goods - more quickly and efficiently, but automating this process will release highly trained staff from current manual activity, such as spreadsheet analysis and report generation, allowing them to focus on providing more value to clients and publishers.
This technology is already being widely used in complex areas such as financial derivatives but there is no doubt that during 2017 its application will broaden significantly. Of course, this growth in AI raises the spectre of the ‘bad robot’ and highlights the need for strong controls to safeguard consumers – both their personal data and experience. Which is where GDPR comes in.
All organisations that handle personal data need to understand GDPR, but the risks and exposure clearly vary significantly. GDPR is a complicated piece of legislation that puts control back in the hands of the individual by giving everyone the chance to request to see any personal information, to have that information deleted and, most critically for web based organisations, demand not be tracked. That means, of course, no more cookies; but the ‘no tracking’ is at browser and device level, not just website. The implications of GDPR is very significant for any organisation that makes money online.
One area in which AI could play a significant role is the ability to track customers. While it is not possible to track an individual through an online journey, AI’s ability to contextualise customer behaviour and make assumptions as to likely activity and behaviour could be used to support activities such as performance marketing and creating a highly relevant, highly targeted customer experience.
AI will create and mine huge amounts of data, therefore it will be crucial for organisations to put in place auditable, documented processes and policies for managing personal data in line with GDPR – this includes responding to data requests and data retention/destruction solutions. Organisations will need to ask third party suppliers to clearly define their GDPR strategies and draft a website policy announcement that outlines the steps being taken to comply.
UK business priorities
Politically, economically and technologically we are entering a new era and GDPR’s potential huge fines and personal liability for company directors also heralds a new era of personal data security with pressure on organisations to pay far more respect to the information captured and retained.
Prioritising investment over the next 12 months is difficult. But look ahead; this time next year we will still be negotiating our departure from the EU and will be in the midst of passionate arguments about the UK’s post EU deal. GDPR is just around the corner and organisations that have failed to prepare will be ever more nervous about their level of risk exposure, whilst AI will have gained broader commercial recognition. Uncertainty, however, will not have disappeared; it is therefore essential that organisations gain real perspective about investment objectives this year.Richard Dennys is chief executive of Webgains