Our breakfast networking event at The Gherkin in London was a great success. We had GDPR expert, Robert De Souza, come down to discuss the challenges and opportunities that the impending legislation presents.
Having spent 30 years working in technology and data protection, Robert has shifted his attention towards the law and is studying to become a data, privacy and compliance solicitor. Because of this marrying of skillsets, Robert was a great person to host our roundtable event as he’s able to review and provide advice on the GDPR legislation from both a business and legal perspective.
Among the attendees were senior professionals from the financial services, retail and construction industries, who brought with them a breadth of expertise from their respective areas. While there was a broad discussion around GDPR and the challenges facing many businesses, there were a couple of key themes that kept surfacing throughout the event, specifically around consent, portability of data and the role definition between suppliers where data processing is concerned. Those in the financial services sector had a very heated debate regarding the role of the data processor and the data controller, and although not all agreed we were able to settle on the need for cross-industry codes of conduct.
Peter Howard of Willis Towers Watson, a global insurance brokerage and advisory company, raised an extremely valid point, that there is still confusion within the financial services industry over accountability levels of the data processor and controller roles. This was confirmed by others in the room who also work in insurance, the general consensus being that a cross-industry code of agreement should be put in place for absolute clarity.
On the topic of consent, our attendees from the retail sector had some in-depth discussions with Robert on the validity of informed consent, particularly around verbal consent. As I’m sure we’ve all experienced, many retailers now ask for email addresses at point of sale – be it to confirm your purchase, send you a digital receipt or add you to their mailing list (the latter is the more likely). With the GDPR changes coming into effect, Robert gave very clear instruction that it’s imperative for retailers to prove that verbal consent was given.
An interesting takeaway from the event was around the opportunities with commercialisation of data. Robert noted the impending value of personal data, especially from famous faces and celebrities, “data will become currency in a post GDPR world.”.
With some athletes already making a pretty penny from selling their personal data to fitness apps, enabling everyday user to compete against them and challenge their times for certain activities, it remains to be seen what other creative examples companies can come up with to commoditise and sell personal data in a GDPR compliant way.
As a parting word, Robert De Souza reminded us that:
“GDPR is not about becoming compliant. You will never be fully compliant as the regulation itself is always evolving.”
While I’m still trying to work out whether this is good or bad news – some people like to have a documented set of rules to follow, while others thrive in the flexibility that GDPR offers, one thing is for sure, you need to have a plan and you need someone in your organisation to take accountability for implementing GDPR best practice and ensure it’s rolled out across your whole business estate.
About Deltra’s Networking events
Here at Deltra, we regularly put on networking events and roundtable discussions for our clients and candidates to attend. We believe there’s no better way to review a new piece of legislation or industry topic than getting people, from all industries around the table interacting and putting their point across.
Minesh Jobanputra, Managing Director & Founder of Deltra Group felt this month’s GDPR event was a collaborative success. “Everybody in the room held pertinent information about GDPR, it was really great to get their input on what GDPR meant to them and their industries. It’s vital for us to show clients that we want to add value to their organisation through our trusted network, if we can bring people together to discuss challenging topics and help them work their way through it then we’re doing our job.”
We’re already looking forward to our next event, watch this space for further details.