Will GDPR disrupt analytics?

0
Will GDPR disrupt analytics?

Just hours left before GDPR comes into force on 25 May 2018.

The General Data Protection Regulation, or GDPR, comes into force on 25 May 2018. It has been a topic of considerable interest recently, and particularly its likely effect on individual sectors or business areas such as marketing and sales. Software manufacturers and consulting companies have been developing and launching solutions and approaches to help businesses better meet the new regulatory requirements. But now that the initial excitement has died down and the uncertainty is over, many companies are starting to realise that the GDPR offers new opportunities to rethink and improve existing practices related to personal data.

GDPR is designed to prepare European companies for the safe handling of personal data in the digital age, and also strengthen the rights of citizens in relation to their personal data. Roughly speaking, it regulates the handling of personal data across:

  • Control and consent of the citizen.
  • Transparency in case of security breaches.
  • Withdrawal or “the right to be forgotten.”

The rules apply to all companies dealing with personal data of European citizens. Just about all businesses come into contact with personal data in some form, meaning that not even the smallest craft businesses are excluded. However, the biggest impact, and thus the main regulatory effect, is on companies whose business model is closely linked to the collection and processing of data. We have recently seen the impact of failing to protect large amounts of personal data in the Facebook scandal. GDPR should help to avoid future problems like these.

If we are honest, most of the GDPR provisions are actually principles that are – or should be – standard in most companies. The new, and globally uniform, standards and particularly customers‘ strengthened rights to transparency, however, are obliging many companies to make selective improvements to their operations to enable them to continue to process personal data and use it for analytical purposes. After all, few are going to give up the advantages of analytics for the sake of some changes.

Rethinking the future

The GDPR, therefore, means that companies are likely to rethink precisely how they manage personal data and analysis in the future. In particular, they may adopt new technologies and architectures that make it easier to comply with GDPR requirements. These include:

  • Real-time analysis

Real-time analytics may be used to avoid the time and effort required to securely and transparently store personal information. Personal data can then be analysed rapidly, directly after input, and discarded immediately. This eliminates the need to protect personal data in long-term storage, and would also reduce the amount of personal data that the company stores about its customers. The results of the analysis could be used during the customer contact and stored without personal identifiers.

  • Edge analytics

Processing of personal data could also be pushed out “on the edge” in the future, for example, on devices such as customer mobile phones and tablets. Technically speaking, the data never leaves the customer, and so is under their control. The advantage here is transparency because the customer can directly influence the processing of the data.

  • Self-determination

Another interesting idea is to reverse the privacy policy process. Rather than having each company make separate privacy statements about the use of personal information, in the future we may be using consistent privacy and use terms, similar to open source licenses. This would allow individuals to decide what their personal data could be used for, and companies would have to agree to individual terms and conditions if they wanted to use the data. Users would therefore determine which information could be used. Personal data would remain on user devices, always up-to-date and ready to access. It would no longer be necessary to store personal information on corporate servers.

  • Blockchain

Last but not least, blockchain is a new technology that could help companies improve the security of personal data. Compared to classic security mechanisms with user name and password, blockchain offers much more comprehensive protection. Public and private keys, which form a digital signature, secure the data in the blockchain. The public key acts as a kind of address for the individual transactions, but only the private key allows the user to access the transaction data in the blockchain. As many public and private key combinations are needed to read the data, blockchain technology is making the massive theft of personal data impossible.

The General Data Protection Regulation is an important step in protecting personal data. It will, however, also be interesting to see what the future holds and how new concepts and technologies will help to safely use sensitive data.

This blog post was originally published in German on the regional blog site Mehr Wissen.

Share

About Author

Helmut Plinke

Principal Business Solutions Manager

Helmut Plinke acts as Principal Business Solutions Manager for SAS, focusing on data quality and data governance technologies. Helmut is an enthusiast of data quality technologies to improve fitness of data and thereby help businesses to improve efficiency and gain competitive advantages. In his current role Helmut supports customers in designing enterprise data management solutions based on SAS technology. He is a specialist in data quality and data integration technologies for a long time now and has been part of some of the major SAS data quality and data governance projects in DACH and the Netherlands recently. With over 15 years of experience across multiple industries Helmut has also gained a wealth of knowledge and experience in technologies like business intelligence, content management and enterprise application integration from his past roles with other companies. Helmut has published in IS Report and speaks about the topic of data management at SAS and public conferences sharing his project experience and knowledge.

Leave A Reply

Back to Top