Summits Yellow

DMA Calls for GDPR Compliance

David Murphy

Chris Combemale

Combemale: "We need to find the right balance between privacy and commerce"



Chris Combemale, CEO of the DMA, has called on businesses to take responsibility for customer data and ensure they are prepared for the new General Data Protection Regulations (GDPR) due to come into force in May 2018.

Combemale was speaking at today’s Data Protection Update 2016 conference, which will also include keynotes from people.io Founder Nicholas Oliver; the Information Commissioner’s Office’s policy delivery group manager Iain Bourne; and Steve Wright, chief privacy officer at John Lewis, alongside speakers from Barclays, Cancer Research, L'Oréal and Sky.

“To ensure the continued growth and sustainability of the data-driven economy we need to, as an industry and society, find the right balance between privacy and commerce,” Combemale said. “Respect and responsibility are essential to creating the trust required for the growing number of companies that rely on this data to fuel their business. In an increasingly global digital marketplace, Brexit does not change the behaviours that companies must adopt in order to succeed and build long-term relationships with customers.”

The final text of the GDPR was approved by the EU Parliament in April 2016 after 7 years of discussion, making clear a company’s responsibilities when collecting and using customer data. Just a couple of months later, the UK voted for Brexit and suddenly companies were no longer sure if they would have to abide by the framework of the legislation. The reaction to this ranged from delaying to a complete stalling of preparations.

“Brexit does not change the need for UK businesses to prepare for GDPR,” Combemale said. “Firstly, it looks likely that the UK will still be a member of the EU when the new rules come into force, and as such companies will need to be compliant for at least the period or until the formal Brexit happens. Second, even-post-Brexit if a UK company has a single customer in Europe they will need to adhere to the new legislation. Finally, any trade deal that is negotiated will require an equivalent level of data protection in the UK. If you want to see how seriously the EU takes the topic of data protection with non-member states, you need look no further than its approach and negotiations with the US on Privacy Shield.”

The data-driven economy is the engine that will continue to drive growth in the UK. According to Tech City’s Tech Nation 2016 report, the UK’s digital technology industry already contributes over £161bn to the nation’s economy. This represents over 1.5m jobs in the UK, with more than one in 10 of these in the field of data management and analytics. According to the Boston Consulting Group, the UK’s Internet Economy is the largest of all the G-20 nations, representing over 12 per cent of GDP, which is twice the size of the average G-20 and 27 EU member states.