[ad_1]
At a recent event hosted by a marketing fraternity, the chief technology officer of a promising e-commerce portal said, "We store all the data we can! That it's a mouse click, an overview of an image or details captured by the consumer on the platform. We store all of this, even if we do not know what to do for the moment. Another marketer recounted the incident of a reputable Mumbai realtor who bought databases from banks and simply stored them under the name XYXBank_Database.
This negligent management of consumer data will have to be modified when the historic draft law on the protection of personal data will be applied in India. The Indian business community, which has worked on the principle that "if the consumer is mine, his data is too," will have to rethink all of his consumer data practices and rewire his processes.
The Srikrishna committee's bill indicates, in no uncertain terms, that individuals are the owners of their data. It also states that companies may collect data only after explicitly stating the purpose of the data collected and that after obtaining the consumer's consent, the data may only be used when the data are collected. to this end. And the collected data can not in any case be transferred to another entity. For example, the CTO of the e-commerce company and the banks, as well as the Mumbai real estate broker, are currently violating the data protection bill.
The bill should be tabled at the winter session of Parliament. It is unclear whether the bill will be adopted before the general elections of 2019. That said, the biggest conglomerate of media agencies – WPP – takes very seriously the draft law on the protection of personal data and Urges marketers and partners to prepare for the day of the implementation of the law.
"Treat this bill in the same way that companies did in the year 2000," warns Anand Siva, senior consultant at Kantar Analytics. He says companies have time to prepare for the day the law will be enforced and that they should use the time available to check their inherited practices from the past and "put their affairs in order" . The key attitude change required, he says, is not to look at the data as something that "only helps the business".
But not everyone listens to Siva. He says the brands are still waiting for the government to put the final law in place before reviewing the process. "There are two types of organizations today: one that says we are very well covered, not realizing they are not; the other is the guy who says, "I'll take a look when the time comes."
Baldeep Singh, country director of WPP's Data Alliance, also noted Siva's complacency and lethargy in brands. "The reality on the ground is that it's still fresh and fresh. People are still dealing with privacy and data security, "he said. But Singh is also convinced that it is an opportunity. "When we try to understand the data, how to use it, keep it private and put in place data protection officers, we have the opportunity to start all over again. We are at a great catalytic stage in India, "he added.
Despite these factors, Siva and Singh believe that data protection will soon become a habit of hygiene for businesses. "The law says that consumer choice opportunities must be explicitly stated. Consent forms will no longer be a checkbox, "says Siva.
According to Siva, compliance with data protection laws can only allow the brand to have a healthy relationship with consumers. "Honesty and trust must be implicit, it can not be an afterthought. If a brand has a purpose for the data and is able to give value to a customer, there is no reason why a customer does not want to share his data. "Currently, only about 2 to 3% of total retail sales take place online and conversion rates are not as good as they can be." Therefore, Siva thinks that businesses will be able to target better and more precisely when they enforce data protection laws.
According to Siva, the biggest challenge for businesses to comply with the law is intentional. Believes that the cost of auditing and rewiring processes to become compliant should be around 25 to 40 lakh. "Most companies might wonder if this will be a mandatory expense because the law has not yet been enforced. Singh's other biggest challenge is finding people who understand this space. "There are not too many people," he says.
Companies should recruit a data protection officer ( DPO) and not just the equipment he says, "A DPO must be someone who understands the technology, processes, constraints, and needs of the marketing team. You do not need a technology specialist, but someone who speaks all three languages, "Siva adds.
The main criticism made of the bill is that it attacks the issue of privacy by replacing it with consent. Will the Indian consumer then take charge of her rights and not fall prey to the companies? "It could take a while, we might need a consumer education. We could have a data management authority, like mutual funds. There will be a small learning curve for the first 6 to 9 months, then the situation will become the norm, "says Siva.
Singh wants people to become aware of the risk of misuse of consumer data. "People have to start realizing that their data can hold a lot of information that can be used to target them or even clone them." The question people have to ask themselves is: "what should I do to protect my data?" argues that the government must educate its citizens about what constitutes data, the relevance of its use, and how it can be misused.
And Siva says that consumer behavior in data protection is already changing. "Previously, the number of consumers who subscribed to DND service from their telecom operators rose to about 30%, compared to 50% today. This number is increasing dynamically and very consistently.
As consumers become more aware of their rights and the consequences of misuse of data, it will be imperative that businesses prepare for the day when the bill becomes law.
Finally, what is the roadmap to become compliant? Siva gives the readers of exchange4media a complete account, read the following:
Before understanding the processes to be changed, companies must understand what they have done. Most organizations work on legacy models. People who introduce these processes do not last long enough in these organizations. As a result, the processes put in place years ago are continuing without anyone knowing why these processes were implemented.
Companies must first evaluate all of their current processes and determine what has been done, why, and with what compliance measures. Once this is done, they must know what they plan to do in the next few years. For example, if they are planning to launch new products, it is important to know that a customer who buys a product today will also likely purchase the next product as well. Data authorizations must therefore match the marketing needs of the company. not in a vacuum
The consent obtained can not be very improvident, it must have a window of 2 to 3 years for the company to be well covered when the new plans begin to be put in place. Once companies know what they want to do with data, they need to find the gaps and fill them.
The other key element is to understand the effectiveness of tools and technologies to manage these needs. We are entering a Big Data space where there will be lots of on / off switches for consent that can only be implemented when processes are automated. For example, if a consumer calls a call center to delete his data, he must be allowed to erase the data. This means that the technology must allow this, that the database must be accessible to a member of the call center and that there must be some evidence that the client has requested to delete the data.
The last aspect is the legal angle. When a company collects data from multiple sources, the consumer is the giver and the business – Data Fiduciary. The company can not blame the intermediary who collected the data for any misuse of data – they are agents of the company and the actions of those agents bind the data trustee. The company will also have to make sure that its agents and partners are also compliant before working with them.
Source link
