Trust, Safety & Compliance: A Survivor’s Guide to GDPR-mageddon

Washington D.C. – May 10, 2018 – One World Identity (OWI), an independent identity research and strategy company, today released ‘Trust, Safety & Compliance: A Survivor’s Guide to GDPR-mageddon,’ serving as the definitive primer on upcoming privacy rules in the European Union. The EU’s General Data Protection Regulation goes into effect on May 25th, 2018, and will have an effect on all companies that collect user data, making the need for clarity crucial in the days and weeks to come.

The report provides a deep dive into providing a strong understanding of the changes that GDPR sets forth, and gives companies the concrete steps required to turn compliance into a competitive advantage.

The report includes:

  • What GDPR says and further clarification on practical implications
  • How GDPR impacts each of the five OWI Identity Building Blocks, and highlights questions companies should consider as they adapt to consumer-centric data processing standards
  • Seven concrete steps companies can put in place now and whether or not such companies would be facing an immediate compliance mandate from GDPR
  • What companies should be watching for in the near-term

“Even if a company is not currently governed by GDPR, raising the bar for accuracy in line with the regulation’s principles could have a tangible impact on their bottom line,” said Kaelyn Lowmaster, Principal Analyst of OWI. “Many organizations have adopted a ‘shoot first, ask questions later’ approach: collecting high volumes of data under ambiguous terms of service, then looking for ways to leverage it to improve their businesses afterward. Under GDPR, this approach is no longer legal. No matter how advanced your company’s tech, you can’t rely on algorithms alone to evaluate your customers without giving them more information.”

GDPR is about identity — the information that companies collect from their customers, the organizations with which those identities are shared, and the decisions that are made based on processing identity attributes. The new principles and data subject rights established under GDPR are wide-ranging, but companies won’t truly understand their scope until the first rounds of sanctions for noncompliance are levied after May 25, 2018. GDPR will raise the bar for data protection worldwide, even where the regulation doesn’t actively apply.

“GDPR is just the beginning. Europe has been leading the way for consumer-centric digital rights and privacy protection for decades,” said Travis Jarae, CEO of OWI. “Beyond the public sector, high-profile cases like Facebook are bringing the debate about universal application of GDPR principles into the public consciousness. In a digital economy reeling from billion-user breaches of sensitive data, a new generation of more educated consumers will continue to demand stricter privacy protections.”

Download the report “Trust, Safety & Compliance: A Survivor’s Guide to GDPR-mageddon” here.