GDPR explained and should we love or loathe it?


In the past few months, the amount of literature on GDPR has been increasing rapidly. Discussing the topic internally or externally, people do not know whether it is good or bad for business, nor do they understand the ramifications of these changes. Here is my point of view. Forget whether it is good or not for your business, the bottom line is that it is good for the customers. If you are a customer centric business like mine then you will welcome it with open arms. Of course, there will be painful conversations ahead, and people must remain pragmatic and make these changes bit by bit rather than all at once. Therefore if you read this post, crack on with it as it will come into play on the 25th May 2018.

Background

Back in the day, around 1995, the Data Protection Directive 95/46/EC [DPD] was introduced. This legislation was the first of its kind at the time and it replaced some old school legislation that was out of date and allowed for all the new data legislation to be in one place. The legislation provided a detailed framework for data processing but now, 21 years later, the DPA has become significantly out of date!

Now, 21 years is a long time and you can do 7 undergraduate degrees within that time. So it is no wonder that within that period, the use of computers and the data this use creates has changed considerably, which, unfortunately, also means that the threat of cyber crime and subsequent data misuse has also increased.

Not only has technology changed immensely (and continues to do so), but the reliance on paper records has diminished. Funnily enough, floppy disks are no longer used (remember those!) and there is now a vast number of storage options, as well as the mass use of social and professional media and the ongoing creation of Big Data, resulting in huge chasms in the 1995 legislation.

Some users have become somewhat paranoid and alert to the dangers of the growing risks and importance of data protection, being the savvy lot that they can be, however, the majority of everyday users (business or social) are still catching up to basic security measures.

A survey undertaken by the EU revealed that 74% of Europeans see disclosing personal information as an increasing part of modern life. But why are people giving away their personal information?

It seems that the most important reason to disclose this information is to access an online service. The most interesting result in this survey is the fact that 26% of social network users and 18% of online shoppers felt out of control of their own data.

What does the General Data Protection Regulation (GDPR) cover?

The legislation named the General Data Protection Regulation or GDPR, includes options such as the ‘right to be forgotten’, new rules on data transfers outside the EU, the implementation of data breach notification requirements and the introduction of much higher fines that are based on the percentage of a company’s annual turnover.

The ICO (Information Commissioner’s Office) explains that under the GDPR, the data protection principles set out the main responsibilities for organisations.


The principles are similar to those in the DPA, with added detail at certain points and a new accountability requirement. The most significant addition is the accountability principle. The GDPR requires you to show how you comply with the principles – for example by documenting the decisions you take about a processing activity.

Key principles of GDPR:

 

Coverage Scope

The GDPR covers all data controllers and data subjects based in the EU. It also applies to organizations based outside the EU that process the personal data of its residents.

According to the EC, the definition of personal data covers anything that points to a person’s professional or personal life, including names, photos, email IDs, bank details, social networking posts, medical information, or computer IP addresses.

There will be a Single Data Protection Authority (DPA) assigned to each company depending on where the company is located who will report to the European Data Protection Board. They must be appointed for all public authorities and companies processing more than 5000 data subjects within 12 months.

Accountability

Although previous data processing notice requirements remain intact, they must also specify the retention time for personal data and provide their contact information to customers. The Privacy by Design and Privacy by Default clauses in Article 23 mandate that data protection protocols must be integrated into the business development process itself. All privacy settings must be set to high by default.

Data Protection Impact Assessments (Article 33) have to be conducted when specific risks occur to the rights and freedoms of data subjects.

Proof of Consent

Article 7 and Article 8 specify that data controllers must possess a valid proof of consent for processing data and acquire special permissions for collecting the data of children under 13 from their legal guardians.

Instant Breach Alerts

Article 32 says that any case of data breach must be reported to the DPA by the controller within 72 hours of discovering the issue so that all parties involved can be warned about the situation and take precautionary measures.

Severe Sanctions

A first, unintentional case of non-compliance will be met with a written warning from the DPA. As a result, organisations will also be directed to conduct regular data protection audits. In case of graver offences, organisations may have to cough up a deadly fine up to 1,000,000 EUR or up to 2% of the annual worldwide turnover in case of an enterprise, whichever is greater (Article 79).

Right to Erasure

Article 17 empowers data subjects by giving them the right to request removal of personal data related to them on any one of a number of grounds, including cases where the fundamental rights of the data subject take precedence over the data controller’s interests and require protection.

Portability of Data

According to Article 15, users will also be allowed to request a copy of personal data being processed so that they have the freedom to transmit it to another processing system if needed.

On-premise private cloud solutions such as FileCloud help organisations to keep their data in servers within their firewall, while providing all the flexibility and access advantages of public cloud such as Dropbox. Additionally, FileCloud has unique capabilities to comply with EU regulations, and features to monitor, prevent, and fix any data leakage across devices (laptops, desktops, smartphones and tablets).

What should you do if you want to transfer data now?

It has been advised that in this pre-GDPR time it is better to just avoid transferring data altogether, even though alternatives have been set out by the EU. A number of solutions have been made available to help with the problem of transfer, such as mobile e-discovery technology, predictive coding technology or e-discovery platforms and predictive coding, which can be used to ensure that relevant data is found quickly and deleted.

Transferring data across the pond looks to remain a complex legal process until the GDPR and Privacy Shield are fully confirmed and in place.

However, the legislation is not concrete and may still change, even after going live. Even more so in the light of Brexit, how will the UK adhere to the GDPR and its new shiny facets? Most people say that it won’t change but let’s wait for the Great Repeal Bill.

With the vast amount of alternatives that are available, it should not be difficult to find solutions to processing essential data during this time of uncertainty and it will hopefully be a progression for all internet/data/app users feeling secure that their data is secure!

Should you love it or loathe it?

Love it, of course. As Anders Hilmansson puts it, there is quite a lot in it for you! If you comply with the GDPR adequately and effectively, you’ll have the possibility to achieve breakout performance compared to your competitors, owing to you having a competitive advantage. You’ll have what the Boston Consulting Group calls the “Trust Advantage” (MUST READ this paper): meaning that your consumers will entrust you with more data (compared to your competitors), which will lead to better online recommendations, more accurate targeting, faster development of new products and services, and several other benefits to you and your customers.

In light of the above – and taking into consideration that the value of Europe’s personal data is estimated to grow to nearly 1 trillion euros annually by 2020 – the GDPR isn’t a burden: it means business. (Even if most people currently preaching about the GDPR are keeping this a secret.)

Hope that clarifies it and helps put a bit of perspective

Benoit Mercier


Google begins mobile-first indexing, using mobile content for all search rankings

Google has begun testing its mobile-first index, which will primarily look at the mobile version of your website for its ranking signals and fall back on the desktop version when there is no mobile version.

Businesses that have made the move to have their platform responsive will be delighted to read the below. If you haven’t then you need to ask yourself whether you should 1) go responsive or 2) recruit more people to ensure that all your content is available on your mobile site.

Most of Google searches are mobile, but Google’s index is desktop

Google explained that it sees more mobile searches than desktop searches on a daily basis. But when Google looks to evaluate a page’s ranking in Google, it currently looks at the desktop version of the site — an issue we pointed out over a year ago. To fix this, Google will look at the content, links and structured data of the mobile version of your site if one is available.

Google wrote:

To make our results more useful, we’ve begun experiments to make our index mobile-first. Although our search index will continue to be a single index of websites and apps, our algorithms will eventually primarily use the mobile version of a site’s content to rank pages from that site, to understand structured data, and to show snippets from those pages in our results. Of course, while our index will be built from mobile documents, we’re going to continue to build a great search experience for all users, whether they come from mobile or desktop devices.

With this change, Google will primarily index mobile content and use that to decide how to rank its results, regardless of whether you’re on desktop or mobile. There will no longer be any type of “mobile-friendly” adjustment done just for mobile users. Effectively, if you’re not mobile-friendly, that will have an impact even on how you appear for desktop searchers.

Google is testing this but hopes to roll it out to all

Google said it has started this experiment and will “continue to carefully experiment over the coming months on a small scale.” Google will “ramp up this change when we’re confident that we have a great user experience.”

No mobile site? Don’t worry

Those who do not have a mobile version of their website do not need to worry. Google will just use the desktop version to rank the site. Google wrote, “[I]f you only have a desktop site, we’ll continue to index your desktop site just fine, even if we’re using a mobile user agent to view your site.” This also means that if you have a responsive site, one that dynamically changes content depending on desktop or mobile device, there’s nothing special you need to do.

Of course, if you do not have a mobile site, you won’t benefit from the mobile-friendly ranking boost. But that is separate from this mobile index news.

How can you prepare?

Here are some recommendations Google is giving webmasters to prepare for the change:

  • If you have a responsive site or a dynamic serving site where the primary content and markup is equivalent across mobile and desktop, you shouldn’t have to change anything.
  • If you have a site configuration where the primary content and markup is different across mobile and desktop, you should consider making some changes to your site.
      • Make sure to serve structured markup for both the desktop and mobile version. Sites can verify the equivalence of their structured markup across desktop and mobile by typing the URLs of both versions into the Structured Data Testing Tool and comparing the output.
      • When adding structured data to a mobile site, avoid adding large amounts of markup that isn’t relevant to the specific information content of each document.
      • Use the robots.txt testing tool to verify that your mobile version is accessible to Googlebot.
      • Sites do not have to make changes to their canonical links; we’ll continue to use these links as guides to serve the appropriate results to a user searching on desktop or mobile.
  • If you are a site owner who has only verified your desktop site in Search Console, please add and verify your mobile version.

Good luck

Benoit Mercier

State of UK shipping in 2016

I have been doing some research on the state of shipping in the UK as I believe that it is a critical success factor to any online business across the world to be successful. Of course, the products you sell are key, but as you will encounter a lot of competition you will need to differentiate yourselves, and matching your customers’ expectation in terms of delivery will be key to your growth.

I have been studying 27 key UK retailers and created a model to evaluate their delivery proposition. To my surprise, House of Fraser came on top just above Amazon. But then upon reflection, it is not that surprising. HOF have got a huge network of shops, which Amazon haven’t got, as well as offering additional click and collect networks (Doodle, Collect+, etc). This is where I believe multichannel have the edge on pure players. Make no mistake, Amazon have recognised this strength and are expanding their click and collect partnerships (latest in date is Morrisons).

Temando published some very interesting research. Here are some nuggets and interesting insights:

  • 60% of consumers abandon their shopping bag because delivery costs are too high
  • 42% of consumers abandon their shopping bag because delivery information comes too late in the journey
  • 37% of consumers abandon their shopping bag because free shipping wasn’t offered
  • 27% of consumers abandon their shopping bag because shipping was too slow

Costs are always an issue but speed is a growing requirement. Over a quarter of respondents mentioned that they expect a fast and reliable delivery service. This is where Amazon have the edge. Always trying to innovate (1 hour delivery, drone delivery). Go back to your supplier and negotiate for a faster service.

Interestingly, on average 40% of retailers charge the customers the exact amount it costs them and only 2% on average make some extra margins. I actually know that some retailers will make a loss in order to optimise their conversion rate. However, 30% of retailers are concerned by the constant increase in prices from the couriers.

Another fact that is becoming key is that 78% of consumers expect their delivery to be made on the same day. Based on my research only 20% of retailers offered that service. That sounds like an opportunity!

Other important facts:

  • 86% of consumers would use time slots.
  • 88% expect a click and collect service
  • 64% expect to collect from other networks collect points
  • 84% expect express delivery
  • 71% expect weekend delivery

Now, what are the drawbacks of not offering a compelling delivery proposition?

  • Reduced customer loyalty (39%)
  • Negative brand impact (36%)
  • Increased costs of returns (31%)
  • Increased calls to call centre (22%)
  • Increased negative social media mentions (21%)

Finally, 42% of consumers would be ready to receive a drone delivery! I can’t wait for that first experience but the air space may be crammed 🙂

In summary, 2 actions you should get on with rapidly:

  1. review your delivery proposition and the ones of your competitors to ensure you are at least competitive and if possible gain a competitive advantage
  2. discuss your costs and available services with your carrier

Good luck and if you need help contact me

Benoit Mercier

Google AMP the future

What is Google AMP?

The Google AMP Project is a way of fast-tracking content to mobile devices. It improves upon the traditional model of serving mobile content because it relies on a specific form of HTML, called AMP HTML, to strip down the presentation of content. Mobile’s mix is ever increasing and delivering the right experience at high speed is key to success.

Why is Google AMP important for SEO?

As Google often preaches to the industry, page speed and mobile-readiness are high-quality ranking distinctions that determine the placement of a site’s content link in the search engine results pages (SERPs). The faster a site is (among other ranking signals), and the more it caters to mobile devices, the more likely it is to be seen and clicked on by Google search users.

Since 2013, Google has been evolving from being the company that provides links to other sites in search results to the company that provides answers to questions in search results.

There is an excellent article on how it works:

https://moz.com/blog/how-googles-amp-will-influence-your-online-marketing

Happy reading

Benoit Mercier

Check your returns policy

Some interesting research this morning about returns:

17 stores ‘misled online shoppers about legal rights’. The Metro reports that a study by MoneySavingExpert.com has found that 17 retailers were misleading shoppers about their online returns policies. The retailers either “hid” the correct policy or were displaying a policy which did not comply with the law, which was changed 20 months ago to allow consumers 28 days to cancel and return an order. 13 of the retailers highlighted in the report – including JD Sports, New Look and Next – have said they will review their policies or make changes to their online stores. The other four have been reported by MoneySavingExpert.com to trading standards.

Benoit Mercier

Facebook’s price-earnings ratio near record low ahead of fourth-quarter report

A recent drop in Facebook Inc’s stock has left the online social network trading at earnings multiples near record lows as it prepares to hand investors its fourth-quarter report.

Along with fellow technology leaders Netflix Inc, Apple Inc, Alphabet Inc and Amazon.com Inc, Facebook has been among Wall Street’s top stocks in recent years, but a market selloff sparked by plummeting oil prices has pulled it down 7 percent so far in 2016.

In its fourth-quarter report due after the bell on Wednesday, the digital advertising heavyweight is likely to post revenue up 39 percent and net income up 35 percent, in line with growth rates in recent quarters, according to the average estimate of analysts tracked by Thomson Reuters.

The P/E ratio is forecast to go down every year, which is not good news for investors. However, there is still a strong recommendation to buy.

http://www.nasdaq.com/symbol/fb/pe-ratio