By Amit Joshi
Even before the enforcement of the General Data Protection Regulation (GDPR) across the European Union’s 28 member states, European firms apparently had a tough time becoming GDPR compliant. Today, they are faced with the implications of the constraints on the ability to collect, store, process, and use customer data. Where this leads customer analytics is a significant question to ask.
As countries in the European Union prepared to roll out the General Data Protection Regulation (GDPR), the initial sense across European firms was that they are underprepared for the disruptive effect that such a law brings forth on all aspects of data management. Even among companies who were well aware and better prepared for the commencement of the GDPR regime, there was a sense of despair arising from what were seen as severe constraints on the ability to collect, store, process, and use customer data. But were these fears legitimate, or were they misplaced? Were firms overreacting to the implications of this law? And what about consumers – are they going to see long lasting benefits from the increased individual data privacy?
It is important to separate the immediate effects that this regulation have on both companies and consumers, from its possible longer-term implications. Moreover, all parties, including regulators, should consider the unintended consequences resulting from such a sweeping change in data privacy regulations.
In the short term, companies that are dependent on consumer data (especially data collected online) were hamstrung in their customer outreach efforts as they lost their access to several avenues of data collection that were previously used, including both internal and external sources of data. Since May 25, re-targeting data, clickstream data and even data that could previously be purchased from vendors were lost. Furthermore, even for data that were legally collected and stored, the scope of usage was drastically reduced, since GDPR rules that data can only be collected and used for very narrow, specific purposes, as disclosed to consumers during collection. Companies were apparently caught unawares by the law, or unknowingly committed infractions. Luckily, the consequence of the first sanction is only a warning and not a fine! In the short term, the fears of several managers may therefore be realised, especially if they are unprepared for the challenges.
Ironically, the short term impact of this law can be felt most by the firms that are truly committed to managing by analytics, while those that are analytics laggards cannot be as impacted. However, the most agile of these companies can recover their edge by prioritising speed to market new analytics systems over the accuracy. The best firms are using analytics innovation to meet this challenge.
In the long term, GDPR can spur innovation in data analytics. The last several years have seen firms being spoiled for choice in the amount and variety of data that were available to them. As a consequence, data analytics paradoxically became more sophisticated and lax at the same time. Access to vast amounts of data allowed for deeper understanding of the customer, but the analytics techniques used often ignored the underlying causes of that customer behaviour – why expend resources trying to understand causality when copious amounts of data provided insight into every decision outcome? Take collaborative filtering as an example, which is the model that Amazon or Netflix use to provide customised recommendations to their customers based on past purchase or viewing habits across billions of data points. While extremely powerful, this technique does not really care why you may like a particular book or movie – it is just that your past actions strongly predict that you probably will.
With GDPR slowing the data flow to a trickle, companies need to figure out how to draw more insights from less data, rather than just throwing more data at the problem. This is surefire way to spur innovation in analytics, leading to newer techniques, which are better at understanding what actually drives consumers to make decisions. Over time, the use of more rigorous analytics shall become a common feature in analysing customer data, thereby leading to even more nuanced insights.
At the same time, European firms need to ensure that their traditional analytics models remain up-to-date, or else they risk losing out to rivals who are not subject to these regulations (for instance, Alibaba or Tencent from China). The lack of massive amounts of data can also slow down the Artificial Intelligence capabilities (specifically those linked to deep learning, which depend on very large datasets) of GDPR affected firms, putting them at a further disadvantage with rivals. Affected firms need to have a plan in place to prevent falling behind in this race.
That GDPR is a boon for customer privacy is not a news. In some ways, this law levels the playing field between companies and customers in terms of their information. Companies have had much more information on consumer habits than consumers have had on a company and its products. Now, customers can actually control how much of their information companies can get, and thus reduce the asymmetry. Indeed, this may actually prompt firms to start paying for customer data, as they realise the real worth of this resource that was free so far.
On the contrary, consumers are also looking for fewer personalised recommendations as companies lose the insight into their behaviours. It is possible that the amount of spam individuals receive may increase, as some firms again resort to indiscriminate mass targeting due to the unavailability of high quality personal data. Another unintended consequence is that companies again revert to creating products for an “average” customer, as they typically did before the mass customisation of the digital era. The “long tail” of niche products offered by firms such as Amazon, Spotify, and Netflix depends largely on the unfettered access to prior consumer choices. In its absence, companies could be hampered in serving the long tail. Of course, as companies become savvier with their “limited data” analytics skills and re-gain the ability to personalise their products and recommendations, consumers may benefit from the double positives of increased data privacy and higher personalisation.
Most significant change in the digital marketing era
GDPR is the most significant change companies are grappling with in the digital marketing era. Invariably, the more agile and analytically driven firms are the ones with the ability to adjust faster to this disruption and come out ahead. Consumers should also brace themselves for changes in the way companies interact with them, the variety of products and services they can access, and how companies communicate with them. In all, anyone dealing with European customers may be in for a rollercoaster ride over the next few years.
About the Author
Amit Joshi is Professor of Digital Marketing and Strategy at IMD business school. He brings IMD extensive expertise in marketing management and strategy, advertising, digital media, data analytics and marketing accountability. He is also the Program Director of the open program Digital Analytics.