Head of Insights and Analytics at Meshh, Nick Child, looks into government plans to replace GDPR with a new British data protection system.
Culture Secretary Michelle Donelan sparked industry attention during the 2022 Conservative Party Conference at ICC Birmingham after announcing government plans to replace General Data Protection Regulation (GDPR) with a new British data protection system.
Promising a “simpler and clearer” system to better protect delegate privacy and keep their data safe, the proposed change raises a lot of questions for weary event planners already used to navigating the tricky field of sticking to GDPR law.
“As people become more aware of the value of their personal data, they will ask for more in return for sharing it.”
As a spatial analytics company specialising in intelligent data capture technology for live experiences, Meshh has closely followed both the introduction of GDPR and the emerging plans around the UK Data Protection Bill which have been stalled in parliament for some time.
“We naturally comply with GDPR and all privacy laws in the UK by securing our customer data and observing the many rules governing data retention and processing,” explained Head of Insights and Analytics, Nick Child. “This does not impinge on our spatial analytics offering. The data we collect does not include any personally identifiable information, and it is further anonymised before being stored.”
Despite GDPR coming into effect back in 2018, the rapid developments in cybercrime since have made total compliance a real issue for many event and hospitality professionals, with data breaches hitting companies with fines significant enough to put many SMEs out of business. Marriott’s Starwood division was fined over £18 million in 2020 when it was discovered hackers had stolen the records of 339 million delegates, while British Airways was fined £20 million in 2020 by the Information Commissioner’s Office (ICO) for a 2018 data breach that affected over 400,000 customers.
Despite government promises of making the new data protection system “more business and consumer friendly”, Nick suggests that any noticeable differences may be on a smaller scale: “The new UK Data Protection Bill will likely follow the European GDPR model, so trading and business relationships can continue without divergent regulatory regimes for data.
“Any changes away from GDPR, such as a more liberal interpretation of private data or changes in scope, will still need to satisfy EU rules. Many parts of the bill relating to new digital infrastructure, the information flow to law enforcement, and strengthening the Privacy and Electronic Communications Regulations Act, are also likely to change the digital data landscape in the UK. But at this early stage, it is impossible to predict what the final act will contain when it becomes law.”
The mandatory use of dedicated apps to verify entry passes and prevent fraud during in-person events last winter has also increased the pressure on planners to keep on top of data protection legislation while prompting delegates to have more say into what they want to see in a new data protection system.
“Asking delegates to track themselves during and after the pandemic has raised a great deal of awareness of data privacy where little existed previously,” said Nick. “The new UK Data Protection Bill, when it reaches its second reading and Royal Assent, is sure to raise this awareness even further.
“Consumers will be more inclined to demand privacy by default – and device makers will need to deliver. For example, Apple’s iOS devices will now refuse permission for other apps to harvest data unless the user gives specific permission. This is the direction of travel, and as people become more aware of the value of their personal data, they will ask for more in return for sharing it.
“By continuing to work within the confines of GDPR – the toughest and most stringent data protection regulation in the world – we are able to assure our clients that our privacy and data protection measures meet or exceed their local requirements.”
Meshh.com