The IT Pro Podcast: Can codes of conduct save GDPR?

Ever since the UK left the EU, data protection has been a hot topic. On the one side government officials on one side argue that current rules are unnecessarily restrictive, while on the other privacy campaigners maintain that any changes to legislation could make it harder for organisations to do business with EU partners.

The solution to this conflict may lie in reinterpreting how we think about GDPR, rather than revising the regulations themselves. The UK’s Data and Marketing Association has suggested that GDPR codes of conduct could be a way to clarify the rules without having to water them down. We’re joined this week by DMA CEO Chris Combemale to discuss this idea, as well as the potential impact the government’s proposed changes to UK data protection laws could have on businesses.

Highlights

“When GDPR came into force, one of the main objectives … was turning the previous data protection legislation from 1998 from a directive, which gave each country the opportunity to have some flexibility, to a regulation, which theoretically means less flexibility nationally ... but in actual fact, every Data Protection Authority across the remaining 27 countries of the EU is interpreting and applying GDPR in a different way. And that is creating huge inconsistency and confusion. So one of the things we're doing [is] trying to create a network of national codes of conduct that harmonise the interpretation in the ways we think are consistent.”

“If you have customers that no longer want to do business with you, for whatever the reason, it's not actually efficient for that company to continue to communicate with you. It's not a productive use of resources, and what companies are trying to do when they're collecting insight about their customers, and understanding what their customers buy, they're trying to find those customers that really do want to have a long term relationship and do want to buy from you frequently and do want to benefit from the things loyalty offers. And that's where companies want to invest their money, because that's what's profitable. So philosophically, then, there is no contradiction between what GDPR asks and what companies are trying to do.”

Read the full transcript here.

Footnotes

• What is GDPR? Everything you need to know, from requirements to fines
• GDPR turns three: The biggest fines so far
• The IT Pro Podcast: Happy birthday GDPR
• DCMS lifts the lid on UK GDPR reforms, including ICO restructure
• Irish data regulator fails to resolve 98% of big tech GDPR cases
• The IT Pro Podcast: Navigating Brexit data transfers
• Footballers seek compensation for "GDPR violating" performance data trading
• Seven steps to GDPR compliance
• Amazon faces £637 million fine over GDPR violations
• Data protection policies and procedures
• Nine top GDPR tips for email marketing strategies
• What are the responsibilities of a data controller?
• Three key steps to delivering data-driven marketing
• How to build an effective marketing strategy with the cloud
• The rise of consent and preference management

Subscribe

• Subscribe to The IT Pro Podcast on Apple Podcasts
• Subscribe to The IT Pro Podcast on Google Podcasts
• Subscribe to The IT Pro Podcast on Spotify
• Subscribe to the IT Pro newsletter
• Subscribe to IT Pro 20/20