You’ve probably heard of the GDPR. But do you know why you should be aware of it as a social media professional?
The General Data Protection Regulation (GDPR) is a regulation about data protection and privacy for individuals residing in European Union (EU) while also addressing the policies on how the personal data is to export outside the EU. In order to address the data privacy protection challenges created by the evolving digital economy, the General Data Protection Regulation repeals and replaces the 1995 Data Protection Directive. Therefore, it enhances personal data, increases responsibility for organizations that process personal data, and introduces improved enforcement systems.
The GDPR establishes the minimum level of personal data protection throughout the 28 EU member countries. It will protect personal data with information relating to an identified or identifiable natural person. This includes individuals’ names, photos, posts on social media, and personal IP addresses. Starting May 25th, 2018, the civil fines for GDPR fall will be enforced. The fines range from $20 million to 4% of a company’s annual income; whichever is the larger amount. The severity of the civil fines can affect any company or organization; therefore it will be critical for organizations to comply with the GDPR laws and regulations.
Social media platforms operating in the EU will be required to create opt-in programs for giving consent to sharing an individual’s information. This includes making sure there are no pre-selected boxes on social media platforms allowing individuals’ data to be mined or shared from their social media profiles. Another important aspect of the GDPR is that individuals in the EU will be given the right to be forgotten online. This means that all data about an individual will need to be erased when an individual invokes that right .
How will the GDPR affect digital marketers and advertisers?
Social media marketers rely heavily on customer analytics to predict consumer behavior through the use of ads and direct mail. The GDPR will shake current social media marketing tactics, as marketers’ abilities in obtaining personal information from EU individuals will be hindered substantially. Digital marketers need to have persuasive and creative strategies in place for attracting EU individuals. They also need to provide clear privacy settings providing multiple steps in addressing their use of data collection.
In April 2016, companies and organizations were given a two-year grace period to be prepared for GDPR regulations by May 25th, 2018. During this period, companies were expected to create transparent procedures for data privacy settings and engage in data mapping solutions, so that there are secure options for storing private data and erasing data upon request. If companies do not incorporate these policies, it will lead to serious financial consequences and damage the organization’s PR image. It is critical that the companies provide absolute proof of individuals giving consent to share their information with marketers. A key component to running these procedures smoothly is for marketers to educate users of their new rights and requirements as much as possible.
While the GDPR creates barriers and challenges, it also provides opportunities for new marketing strategies. Marketers who are successful at following GDPR regulations will gain valuable customer relationships based on trust and respect. The GDPR will also encourage marketers to raise the bar in finding innovative ways to re-shape the outcomes of data collection from the online web-space.
 Lubbe, Johan. “The New EU’s General Data Protection Regulation.” Global HR Practitioner’s Handbook, Edited by Lisbeth Claus, vol. 4, pp. 66–86.
 Hubspot. (2018, February 28). What is the GDPR? And What Does it Mean for the Marketing Industry? Retrieved April 19, 2018, from https://blog.hubspot.com/marketing/what-is-the-gdpr