The protection of personal data is a vast and hot topic for all web players, particularly in terms of e-commerce and digital marketing. The recent Cambridge Analytica scandal has shaken Facebook, the social network giant, even while Europe is preparing to strengthen the protection of data with the introduction of the GDPR.
User distrust: the case of Facebook
More and more Internet users are thinking twice about, or refusing to communicate personal information. Indeed, the question of the collection, exploitation and protection of such information often remains unclear. The mistrust and the concerns of the users are increasing, the reason is often the fact that personal data is abusively used mainly for advertising purposes.
The scandal that recently hit Facebook illustrates this problem. The British consulting firm Cambridge Analytica seems to have obtained data on millions of users from the Californian giant in violation of the rules established by the social network. These data were used to create psychographic profiles to help, among other things, produce advertisements concerning the Brexit referendum and the US presidential election. To respond to the outrage and anger of users, Facebook has announced that it wants to implement concrete actions to further protect the data and has stopped allowing its use by some third-party companies and data brokers.
These harmful practices also raise the issue of the status of national and international legislation on data protection as well as the role of regulatory authorities in this area.
Data protection legislation and the GDPR
In France, the regulatory body is the CNIL. Its mission is “To protect personal data, support innovation, preserve individual liberties”. It informs web and other players of the obligations to be respected (collection authorisation, declaration of data files etc.) while stating the rights of Internet users (the right of opposition, rectification, right of access and consent to the collection of data etc.).
The CNIL, which recently formally warned utilities company Direct Energy for its failure to obtain authorisation for the collection of data, can also impose sanctions via a range of measures including heavy fines.
But it is more particularly the upcoming introduction of an European directive on May 25, 2018: the GDPR (General Data Protection Regulation) which is currently on everyone’s mind. Indeed, it will tighten the data protection policy for all EU member States and will modify the rules, particularly for the collection and use of personal data and information, via new and sometimes binding rules. This will therefore directly impact all web players and for e-commerce it is essential to prepare for the implementation of this bill.
Update your processes and restore confidence
In the context of web marketing, data analysis is particularly useful. It is an effective tool for adapting advertising and placing products. Thus, personal data is a gold mine which is why companies, applications and social networks are eager to collect as much of it as possible.
The communication of personal data is a major concern for Internet users. It is necessary to respond and adapt the collection and exploitation process while complying with the GDPR that comes into force in May 2018. This is an opportunity to think about the usefulness of the data and to regain the trust of users.