The European Union's May 25, 2018 General Data Protection Regulation will empower consumers to seek profiling data that retailers hold on them, thus adding layers of legal paperwork and accompanying costs to comply. Image credit: Fung Global Retail & Technology
By Stuart Simms The enforcement date of May 25, 2018 for the European Union’s General Data Protection Regulation (GDPR) is looming, and United States retailers must take heed. The regulation serves as the legal framework governing the use of personal data across all E.U. markets and sets a strict, new standard for consumer privacy and data security. Once GDPR goes into enforcement, financial penalties for non-compliance become severe – severe enough where offending companies can face fines of up to 4 percent of their global revenue, or 20 million euros, whichever is greatest. What does this mean for U.S. retailers and consumers? A lot. Retail detail In an already plagued sector battling significant market challenges ranging from the aggressively expanding Amazon Empire to increasing store closures and diminishing consumer engagement, GDPR is yet another retail pressure valve. Recent Forrester research shows many organizations are unlikely to achieve compliance by May 25, and among those, media and retail companies are the very least prepared. The research firm estimates a mere 27 percent of global retailers will be fully GDPR-compliant by May 25, leaving the remaining 73 percent in a race against time. Broadly, GDPR aims to empower consumers with the decision on when and how their data is collected, shared and used. This includes any information that can be used to identify who they are, how and where they shop, what they spend – phone numbers, device IDs, IP addresses, cookie IDs and demographic details. GDPR marks a crossroads for retail. Retail is a data-driven industry absolutely reliant on consumer information. Data is the key to improving and personalizing consumers’ online shopping experiences, which in turn drives healthier sales, elevated brand advocacy, improved shopper retention and repeat purchasing. Brands are left helpless if unable to learn about and understand their consumers, consumer likes and dislikes, how they shop and what they want. According to our research, 70 percent of consumers believe advertising can enhance their shopping experience when it connects them to additional shopping options and better discounts, and 81 percent of U.S. consumers want brands to know that advertising is acceptable when ad content is useful and does not interrupt the online experience. Many consumers proactively engage with certain native ad experiences and prefer advertising that is personalized to their likes, lifestyles and interests. The conundrum is that consumers who will not share their data under the GDPR framework, in response to a knee-jerk reaction to the notice, are also opting out of personalized advertising that is designed to add value to their shopping experience and give them services they enjoy for free such as music, videos and news. PR Beyond the fines, there are drivers making GDPR a priority for retailers, including the potential public relations damage stemming from the regulation. In a scenario where a retailer is publicly called-out for non-compliance, the resulting impact is loss of consumer trust, loyalty and engagement. Our research shows consumers who trust a brand deliver 1.9 times higher in customer value – i.e. spend – than those who are simply acquainted with a brand, but do not have established trust. Research also shows there is more to lose if non-compliance affects consumers who are brand loyal – 7.2 times higher in customer value, or brand evangelists, 9.7 times higher in customer value. Compliance is critical to protecting brand image and it is crucial in giving consumers piece of mind that they are safe and trusted with the brands with which they engage and do business. The number of U.S. companies facing GDPR is immense and retail is at the tail-end of the adoption and preparation curve. WITH SO MUCH at risk – fines, consumer loyalty and potential negative publicity – the retail sector must forge ahead and prepare to enter a new era of consumer control. Key to success is developing and serving more customized, relevant ads that entice consumers to opt-in and share their personal data with the brands they love. Retailers who have prepared for GDPR and show compliance have positioned their brands for future success in the U.S. and cross-border.
Stuart Simms is president of Rakuten Marketing