The open data debate- Is GDPR a burden or benefit?

Article content

From governments using population data for infrastructure planning, to supermarkets monitoring our shopping behaviour in a bid to improve their customer strategies and advanced mapping tools that help businesses to optimise their delivery services, data has become immensely valuable for both businesses and governments. But despite its prevalence, many of us don’t realise how data influences our everyday lives.

While many organisations hold proprietary data on their customers which they use for marketing and service improvements, ‘open data’ made available by governments is another valuable source for businesses. The term ‘open data’ refers to information that is made accessible for anyone to use, share or access. Consultancy firm McKinsey estimates that the open data made available by different levels of government has the ability to generate more than US$3 trillion in additional economic value each year in key sectors including education, transportation and healthcare. 

As part of the recent ‘Connecting Commerce’ report commissioned by Telstra, the Economist Intelligence Unit (EIU) released the first ever Digital Cities Barometer, which ranks 45 cities around the world based on business confidence in the digital environment. The research found the majority of executives surveyed (69 per cent) consider open data to be important to their business, with eight in 10 businesses making at least occasional use of it. Firms use this data to help improve customer services and develop new products, while advancements in data analytics are opening up the possibilities of using this data more effectively.

However, despite the benefits, privacy implications have led to some consumer distrust of how their data is being used. With today’s technologies being developed and assimilated faster than ever before, it’s not unusual for people to be unware of how their data is collected, shared and traded. Technology jargon such as ‘cookies,’ can leave some consumers vulnerable to misunderstandings – such as accepting opt-in consent mechanisms without comprehending how online tracking really works.

To combat these types of issues, new legislation will soon be introduced to address transparency around data collection. In May 2018, the General Data Protection Regulation (GDPR) will come into effect within the European Union (EU). This represents a major overhaul of the EU’s original 1998 data protection law and will transform how governments and businesses handle the data they obtain.

But in a world, that’s increasingly shaped by open data, what are some of the risks and opportunities related to the introduction of GDPR?

GDPR – What are the risks?

The EU considers itself a world leader in the safeguarding of citizens’ rights when it comes to data privacy. The new GDPR rules will mean that consent must be given through a statement or clear affirmative action. Further, this will be subject to the data being collected for specified, explicit and legitimate purposes. Compliance with the GDPR requirements will be mandatory for all organisations that handle the personal data of EU citizens – and the financial consequences for non-compliance have the potential to be significant. Companies may be prohibited from processing any personal data until they meet the GDPR criteria and they may also face regulatory fines of up to either €20m (£17.3m) or 4 per cent of their global turnover if sensitive information or any personally identifiable data is mistakenly released.

These new requirements around unambiguous consent mean firms fundamentally need to re-think how they manage and retain data. Complying with more stringent data protection will require additional talent with specialised data skills, training, as well as updating internal systems and technologies. Governments too will be required to reassess their protocols, look at the way they currently share data for use and establish new best practice. 

GDPR will also require government agencies to provide more detailed information to citizens on-demand. This will include the purpose of the data processing, the categories of data being processed, the recipients, the retention period and the original source of the data.

GDPR – What are the opportunities?

While any change is difficult in the short-term, these regulatory changes will pave the way for a number of benefits to be realised. GDPR’s core principle to give citizens back the control of their personal data and to simplify the regulatory environment by unifying regulation within the EU will be a positive step forward for both businesses and consumers.

To begin with, there will be an inevitable uptick in public trust when the regulation comes into play. With organisations compelled to handle data with greater care, consumers may be more inclined to not only share their data, but understand the benefits of doing so. The expense of breaches mean GDPR could prove a great impetus to the open data movement, forcing governments to think creatively to maximise their assets and the potential of the data they are sitting on.

When used responsibly, open data can create a wealth of business opportunities that ultimately benefit the public. For instance, when the UK’s National Health Services (NHS) made its commercial data available, it spurred the Society for Cardiothoracic Surgery (SCTS) to publish its data about heart surgery since 2005. As a result, a new app emerged called idata which provides clinicians, patients and researchers with the ability to filter and analyse surgery data. This app has reduced the number of deaths in heart surgeries by up to 1,000 annually. Arup, a London-headquartered engineering and construction service provider, has also leveraged open data to create an online risk assessment service for clients utilising available public data on environmental hazards.

In a commercial sense, businesses will also be rewarded for their efforts to create clean data. To work at its full potential, data needs to be accurate and relevant. The new legislation will further incentivise businesses to invest more into pursuing best data practice. This will eventually be the engine of better analytics and, ultimately, stronger business growth. 

Planning for an opportunistic future

Today, open data has become an important driver of digital transformation as firms strive to compete in an increasingly software-defined, automated world. On top of this, data analytics capabilities are increasingly important to maximise the potential of data and help organisations move ahead of the competition.

The findings from the Connecting Commerce research are a timely reminder of data’s influence on business success in today’s digitally connected world. Complying with GDPR will initially require a significant time and cost investment from businesses anywhere in the world that hold or process data about EU citizens, but it will also improve public trust and help to create an equitable playing field for businesses across the EU.