In recent years, the way marketers acquire, store, and utilise data has gone through a fundamental transformation. The initial gold rush of every datapoint being up for grabs ended exactly four years ago when, in May 2018, GDPR became official here in the UK. At the same time, customers were already becoming more aware and wary about sharing their information, and scandals like Cambridge Analytica brought spotlights onto the matter.
On the technology side, we saw a transition from the DMP to the CDP approach. For some, DMPs represent the wild west of third-party cookies, with very little regulation about consent or access for the customers. Now, the platform everyone talks about is the CDP. The focus has changed, the customer has gone from being the amalgamation of third-party, unregulated data, to being a empowered and consenting owner of the first-party data they allow brands to store for the purpose of serving them.
You see, this shift is not just about how we approach data in a post-GDPR landscape. It’s also about how consumers are becoming increasingly aware of their privacy rights, which in part gives them the right to access or delete their personal data (i.e., the right to be forgotten). What was previously the odd data deletion request is growing into a task that can not only be time-consuming, but that needs to be done carefully at the risk of facing substantial penalties and fines.
Consequences of Siloed Data
“The cost of processing Data Subject Requests [has] more than doubled.”
— DataGrail
A 2022 survey by DataGrail reported that “the number of Data Subject Access Requests (DSARs) nearly doubled year over year” and that at the same time “the cost of DSARs more than doubled.” It stands to reason that this trend may continue, and what might currently go under the radar as a simple annoyance may quickly become a thorn in the side of many unprepared businesses.
In recent years, the way marketers acquire, store, and utilise data has gone through a fundamental transformation. The initial gold rush of every datapoint being up for grabs ended exactly four years ago when, in May 2018, GDPR became official here in the UK. At the same time, customers were already becoming more aware and wary about sharing their information, and scandals like Cambridge Analytica brought spotlights onto the matter.
On the technology side, we saw a transition from the DMP to the CDP approach. For some, DMPs represent the wild west of third-party cookies, with very little regulation about consent or access for the customers. Now, the platform everyone talks about is the CDP. The focus has changed, the customer has gone from being the amalgamation of third-party, unregulated data, to being a empowered and consenting owner of the first-party data they allow brands to store for the purpose of serving them.
You see, this shift is not just about how we approach data in a post-GDPR landscape. It’s also about how consumers are becoming increasingly aware of their privacy rights, which in part gives them the right to access or delete their personal data (i.e., the right to be forgotten). What was previously the odd data deletion request is growing into a task that can not only be time-consuming, but that needs to be done carefully at the risk of facing substantial penalties and fines.
“UK businesses spend, on average, £1.59 Million and 14 person years annually processing DSARs.”
— GRC World Forums PrivSec Report
Recommendation for DSARs Cost-Reduction
To avoid being sucked down an expensive and arduous DSARs rabbit hole, we recommend completing a customer data audit before it becomes an issue. For example, look at how access requests are handled in practice, how complete they are, how right to be forgotten is managed (including in the context of back-ups), and how opt-outs are stored for the purpose of future exclusion. These are just a few examples of legally grey areas, which, when combined with data silos, could cost dearly.
The heydays of cheap data and few responsibilities are indeed over. Marketers need to ensure their data is centralised and democratised so that it is comprehensive, joined up and easily accessible to reduce any avoidable costs of data deletion and access requests.
Get in touch to learn how Plinc can help you join your data together, providing you with a consolidated Single Customer View that is accessible across the business.
