Coming to terms with GDPR: A reckoning for app developers
Editor's note: The following is a guest post from Dale Carr, founder and CEO at Leadbolt.
It's inconvenient. It's disruptive. It's cumbersome. But the General Data Protection Regulation (GDPR), an EU law that affects both individuals and businesses working in the European Economic Area (EEA), came into effect on May 25 and is good for the future of tech companies and digital consumers around the globe.
We had it coming (at least a little bit)
Our interdependence with tech has been encroaching upon individual privacy for years.
In the age of technology, where tools and apps are designed to bring convenience and joy into our lives, the access to and application of personal data and information is reaching unprecedented levels. In any given day, the average person is likely to encounter any combination of location and GPS beacons, facial and voice recognition, video surveillance monitoring, AI assistants that "listen in" on conversations, algorithms that can accurately predict a future purchase based on search and past purchase histories and yes, exposure to targeted advertising… to name a few. It can feel like a bit much, right? As we become more technologically inclined (er, make that dependent), we're presented with a myriad of "app-tastic" opportunities, but also confronted with the deep responsibility of the innovation we bring about to protect what was once held sacred: our privacy.
Until recently, digital consumers happily — and some might say, naively — traded their anonymity for the convenience of accurate driving directions, sale fares, mobile coffee orders, next-day shopping deliveries, on-demand entertainment, scrolling through friends' photos and the like. Facebook's scandal with Cambridge Analytica was a major wake-up call to the industry and to users, reminding us that people are not necessarily aware of how their personal data is used, even after setting their privacy preferences. It's a new world, and things can go wrong.
GDPR restores balance
With a steep penalty of up to $23.2 million, or 4% of the worldwide annual revenue of the prior financial year for noncompliance, GDPR is a serious regulation with serious consequences for misbehaving companies. However, the new regulations aren't the end of app developers or marketers being able to use personal data. Rather, it affords users in the EEA the added protection of choosing to allow access to their data with clear understanding, and may rescind access to their data or see what data has been collected, at any time. GDPR is a great example of restoring balance, and the rest of the world should adopt similar laws.
There's great power in transparency and an opt-in relationship where the digital consumer is informed, understands their rights and actively wants to be there. That's the foundation for any healthy relationship.
People still want to use apps
We've become reliant on all kinds of apps that make our lives easier or more enjoyable, and people don't want to stop that altogether. They're looking for peace of mind that they can continue to use your app and still have control of their personal information. By making it clear how their data will be collected and used, you inform and establish a clear business relationship with your customers or users. Some existing customers may decide to not continue using your app, or by sheer volume of GDPR notices coming in, overlook the request to re opt-in, but most aren't intentionally intending to quit. Users still need and want your apps in their lives, and since GDPR applies to all companies doing business in the EEA, consumers must come to terms with the fact that the use of personal data is necessary for many apps to continue to deliver on their promises. Let me say it again:
Data is a necessary component of a good app experience
Data collection is not only an engrained component of how most things operate in today's world, but is a necessary practice to deliver the personal and highly relevant experience that app users rely on, and even take for granted. But GDPR is not about abolishing the rights to use data. Under GDPR, app developers and marketers will still be able to access and use data to continue to service their customers, and indeed, to support a sustainable financial model such as advertising. But they'll now do so with the clear and unambiguous understanding and acceptance of users who wish to continue using the app. While it makes our tech jobs more complicated, it's fair and right to prioritize users' privacy preferences in all that we do going forward.
Trust and receptivity go hand in hand
GDPR is paving the way for two-way accountability. Users may have been careless about reading those long and detailed privacy agreements, but we as a tech community could have made them simpler to understand in the first place. The recent spotlight on GDPR has forced consumers to take an active interest in learning more about the impact of their choices, and for companies to behave as though it's a privilege to utilize personal data, and not a right. In this way, GDPR has become a catalyst for companies and their digital consumers to conscientiously and ethically deepen their relationship. When a company builds trust with consumers, consumers then reward those companies with loyalty, brand evangelism and sales dollars.