GDPR: A New Era of Data Regulation

What does it mean for businesses in the Middle East?

Last September we penned an article on the upcoming GDPR laws  (General Data and Protection Regulation) and the potential implications for the MENA region. At the time of writing, information was scarce and the impact for the region was unclear. 25th May is “G-Day” – so if you’re late to the party and need a cheat-sheet, we’re here to help.

To recap, theGDPR is a set of regulations being brought in by the European Union this month to tackle data and specifically consent. Described as the most comprehensive data privacy law in history, it comprises of 99 articles that define how companies must approach data collection and its management.

What is Consent?

In a nutshell, consent means offering users choice and control. With regards to data, the GDPR defines consent as “any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.” 

In layman’s terms, this means that individuals will have the power to demand that a company reveals or deletes the personal data they hold. In addition, it changes the rules of engagement from an marketers point of view, for example; sending out mass marketing emails to people who have not opted-in will be illegal.

What does GDPR mean for businesses in the UAE?

With the new laws coming into effect on the 25th of May, companies in the UAE are trying to determine what the business implications will be for them. In the past week we’ve seen a significant spike in the number of searches for information surrounding GDPR, as indicated below:     

Trends.png

Source: GoogleTrends

The EU has madeGDPR and its implications very clear; it applies to companies within the EU, as well as any companies that offer goods or services to, or monitor behavior of, people within the EU. Now, obviously this affects a great deal of companies operating out of the MENA region who have audiences, marketshare and even employees within the EU.

Getting it wrong is costly – beyond reputation damage, businesses may face substantial fines. Infringements of the basic principles for processing personal data, including conditions for consent, are subject to the highest tier of administrative fines. It could mean a fine of up to 20 million euros or 4% of your total worldwide annual turnover, whichever is higher.

GDPR

Image Credit: Mysolomon

However, what is not yet clear is how the EU will enforce these regulations, particularly in the region, as the Middle East is not bound by the European Court of Human Rights.

Data Laws and best practice in Dubai

Now, while how the EU regulations will be policed may not be completely clear, Dubai’s stance on the issue of data privacy, management and protection is unequivocal. In February 2018, Smart Dubai launched the Dubai Data Policies to regulate the classification, publication, sharing, storage, use and re-use of open data.

What’s the benefit of GDPR for companies?

Legalities aside, here at Bravo Romeo we believe that stricter regulations surrounding data are a welcome change. Following the Cambridge Analytica scandal, data privacy made headlines worldwide, resulting in people making an effort to become more aware of how their data is managed and be more discerning about giving consent for companies to use it. Realistically, almost every business today is data-driven and digital. The threat of cyber-security is real and it is imperative to both personal and commercial safety, as well as to business continuity, that data is managed securely. It’s not just about compliance, it’s about best practice and ensuring that we, as an industry, support GDPR as a catalyst for positive change in regards to cybersecurity, both globally and in the region.

Don’t get us wrong, it’s not all doom and gloom! Ultimately, the correct management of data means that companies are better placed to manage it as a strategic business asset. Data is arguably set to becomes the most valuable currency so by complying organizations will ensure they reap the benefits of it.

 

Featured Image Credit: Shutterstock. Image ID: 731051713

One thought on “GDPR: A New Era of Data Regulation

Leave a Reply