Andre Malinowski, head of international business at payment services provider Computop, shares his insight into how planned changes to EU data protection (the General Data Protection Regulation – GDPR) will affect those involved in the multichannel commerce chain…
The rules and regulations relating to how merchants and retailers capture, store, share and process customer and staff data are about to change. It will apply to all EU member states without a need for local legislation. At the start of this year the European Commission unveiled a draft of it’s European Data Protection Regulation which is planned to take the place of it’s previous Data Protection Directive. The purpose of the change is to align and update data protection across the EU. One continent, one law. It impacts not only those businesses within the EU, but also businesses that targets goods or services at EU consumers too.
The regulation is expected to be implemented and enforceable by 2018 and when this happens, all businesses will have to be ready for key changes to how personal data is collected, stored and processed. In addition there are changes to how data breaches are reported. The consequences of non-compliance will increase greatly too. The current draft outlines that fines could be as significant as four per cent of global annual turnover. This in itself is enough of an incentive for merchants, retailers and their financial services partners to sit up and pay attention.
So, could GDPR also stand for a ‘Good Deal of Protection and Rights’ or will it be a ‘Great Deal of Pain for Retailing’? The answer to this lies in where you fit in the multichannel commerce chain:
GDPR and the Consumer
Everyone has a right to the protection of their personal data. When businesses don’t protect their customer’s data then not only are the financial implications but trust is lost.
However, consumers from different countries across Europe currently experience widely varying standards over how well policed their personal data is. Some countries like Germany and Spain already have tight data protection regulations, but others less so. A recent survey quoted by the European Commission outlines that more than 90 per cent of Europeans say they want the same data protection rights right across the EU. GDPR is nothing but good for anyone that shares their personal data with an organisation and is an essential step to strengthen the rights of citizens and consumers in the digital age.
Not only should consumers have the right to have their personal details kept safe, but they should also have the right to complain and obtain redress if their data is misused. GDPR will give consumers more control over their personal data. It will make it far easier for them to access and manage it, delete it ‘the right to be forgotten’ and to know when their data has been hacked. I don’t think you’ll find many people that would argue that GDPR isn’t good news all round for the consumer.
GDPR, Multichannel Retail and Payment Processing
Similarly, I think you’d struggle to find a retailer who would not welcome simplification of rules and regulations applying to their business. For any business operating across EU country boarders, it will be far easier to comply with one set of rules instead of 28. However, this alignment comes at a cost to business. Attitudes, processes and IT policies need to change. Data protection needs to be ingrained into a business by design and default. That’s easier said than done retrospectively when dealing with legacy systems and data.
Systems and products must be built from the bottom up around privacy and the default position must only be to collect sufficient data for the precise processing involved. Privacy Impact Assessments must be carried out and evidenced where new technologies are being deployed. This all amounts to increased effort and costs for the industry.
Companies with over 250 employees are expected to have to appoint a data protection officer and start developing metrics to measure the status of privacy efforts. They are required to create reports of compliance that will be required as part of the business’ annual report.
Payment service providers are already strongly regulated by PCI and other data protection measures, however, even then they will still need to evaluate whether they comply with the new laws. Many are already investigating introducing value added services to protect data accordingly and reduce the investment effort for merchants. In addition to the steps above, the payments industry can support customers by having joint obligations and liabilities for data controllers and data processors, preparing and implementing mandatory policies and procedures and testing data breach plans.
Key steps to help prepare for GDPR
The current bill is still in its draft stages. However, those are very late draft stages and the bill being passed and ultimately enforceable is not far away. There are some practical steps that merchants, retailers and payment partners can be preparing for now:
- Put GDPR on the boardroom agenda – Make GDPR a board level task, give it the right attention
- Investment – Don’t underestimate the investment needed to implement these new rules – build it into business plans now
- Policy and procedure – Prepare privacy policies, procedures and documentation and keep them up to date. Data protection authorities will be able to ask for these during audits
- Process – Implement a notification process to report possible breaches and review incident detection, management and response process and capabilities
- Training – Implement regular training for all staff to generate awareness and understanding
- Recruit or cross skill now – If your business employs over 250 employees, think now about who will fulfil the role of the data protection officer. Do you need to hire or cross skill staff?
- Tackle ‘Rights’ head on – Develop a strategy and process to fulfil the consumer’s ‘right to be forgotten’, ‘right to erasure’ and ‘right to data portability’
- Privacy by design – ensure that privacy by design requirements are included in all make and buy strategies going forward
Whilst GDPR is perhaps long overdue and much needed, there’s no doubt that it will pose a significant challenge to multichannel retailers and their partners. Policies, procedures, technologies, training and staff will all need investment to achieve compliance. Companies that delay assessing the impact of the regulation on their business now are at risk of investing in resources and services that will be obsolete in two years’ time. Don’t let GDPR become a Great Deal of Pain for Retail. Take action now.
Honda’s part self-driving Legend a big step for autonomous tech
TOKYO (Reuters) – Honda Motor Co Ltd on Thursday unveiled a partially self-driving Legend sedan in Japan, becoming the world’s first carmaker to sell a vehicle equipped with new, certified level 3 automation technology.
The launch gives Japan’s No.2 automaker bragging rights for being the first to market, but lease sales of the level 3 flagship Legend would be limited to a batch of 100 in Japan, at a retail price of 11 million yen ($102,000).
Still, the new automation technology is a big step towards eliminating human error-induced accidents, chief engineer Yoichi Sugimoto told reporters.
The Legend’s “Traffic Jam Pilot” system can control acceleration, braking and steering under certain conditions.
Once the system is activated, a driver can also watch movies or use the navigation on the screen, helping to mitigate fatigue and stress when driving in a traffic jam, Honda said in a statement.
It can alert the driver to respond when handing over the control, such as vibration on the driver’s seatbelt, the carmaker said. And if the driver continues to be unresponsive, the system will assist with an emergency stop by decelerating and stopping the vehicle while alerting surrounding cars with hazard lights and the horn, it added.
The announcement comes after the Japanese government awarded a safety certification to Honda’s “Traffic Jam Pilot” in November.
Global automakers and tech companies, including Google parent Alphabet Inc’s Waymo and Tesla Inc, have been investing heavily in autonomous driving.
Yet even as the technology advances, regulations on autonomous driving differ from country to country. Audi unveiled an A8 sedan with level 3 technology in 2017 but regulatory hurdles have prevented it from being widely introduced.
Honda has no plans to increase production or sales of a level 3-equipped Legend for now, its operating officer said on Thursday.
($1 = 107.3400 yen)
(Reporting by Eimi Yamamitsu; Editing by Shri Navaratnam and Emelia Sithole-Matarise)
Airbus to avoid redundancies in Germany, France, Britain
BERLIN (Reuters) – Airbus will make no forced redundancies in France, Germany and Britain, the European planemaker said on Thursday, as it reached an agreement with a German trade union to protect jobs until the end of 2023.
A spokesman for Airbus, which has been hit hard by slumping demand for aircraft in the coronavirus crisis, said other measures – such as voluntary redundancy programmes, early retirement or internal transfers – had been agreed instead.
Negotiations started later in Spain, the spokesman said.
Airbus has been struggling to reach targets to cut staff as part of a restructuring plan affecting up to 15,000 jobs, especially at its headquarters in France and in German plants, sources had earlier told Reuters.
The IG Metall union and works council representing Airbus workers in Germany said they had agreed with the aircraft manufacturer on an overall package to safeguard employment and sites in the country until the end of 2023.
About 1,300 employees at Airbus Germany and 1,000 at Premium Aerotec, a subsidiary that makes large plane components, took voluntary redundancy between November and February, Holger Junge, head of the group works council, told a news conference.
“Production figures have stabilised,” Junge said. “But we have not overcome the crisis.”
Airbus agreed to avoid further job cuts through short-time work and reducing hours by up to 20% from 2022, he said. Airbus employs about 55,000 people in Germany.
In January, Airbus stuck to ambitions for a partial recovery in jet production later this year, although there is speculation that it may have to delay that due to extended coronavirus lockdowns in Europe. [nL1N2JJ1DU]
(Reporting by Christina Amann and Alexander Huebner, writing by Emma Thomasson, editing by Thomas Escritt)
Shell changes senior UK leadership in global overhaul
By Ron Bousso
LONDON (Reuters) – Royal Dutch Shell is changing the senior leadership of its operations in Britain as part of a global overhaul to cut costs and shift away from oil and gas to renewables and power.
Under the changes, which have been announced internally, country chair Sinead Lynch will become Shell’s global head of low-carbon fuels, a company spokeswoman said.
Lynch, who joined the Anglo-Dutch company in 2016 following its acquisition of BG Group, will be replaced by David Bunch who currently runs Shell’s retail business across Europe and South Africa. Bunch joined Shell in 1997.
The changes will take effect in August when Shell rolls out project Reshape, its biggest restructuring in decades as part of plans to reduce carbon emissions to net zero by mid-century and build a large low-carbon and power business.
Under the overhaul, Shell will cut 9,000 jobs, or more than 10% of its workforce.
As part of the management changes, Steve Phimister, head of Shell’s oil and gas operation in the North Sea since 2017, will be replaced by Simon Roddy, currently deputy managing director at Shell’s Nigerian onshore oil and gas joint venture SPDC.
Phimister’s new role in the company has yet to be announced.
Shell has gradually reduced its oil and gas operations and refining business in recent years but Britain remains an important market. The North Sea will remain one of nine main oil and gas hubs, the company said last year.
Shell also has a large retail network in the country and plans to significantly boost its electric vehicle charging point network. In January it agreed to acquire Ubitricity, the largest public EV charging network in Britain with over 2,700 points.
Shell’s European rivals including BP and Total have also set out ambitious long-term plans to slash greenhouse gas emissions and build large renewable energy businesses.
(Reporting by Ron Bousso; Editing by David Clarke)
Cannon Wealth Solutions Discusses The Need to Rebalance Portfolios and Monitor Risk
By Robert Cannon, the CEO of Cannon Wealth Solutions. The world in 2021 is significantly different after a year of...
Five ways to mitigate the risk of AI models
By Dave Trier, VP of Product at ModelOp In recent years, the banking industry has been at the forefront of...
Honda’s part self-driving Legend a big step for autonomous tech
TOKYO (Reuters) – Honda Motor Co Ltd on Thursday unveiled a partially self-driving Legend sedan in Japan, becoming the world’s...
Airbus to avoid redundancies in Germany, France, Britain
BERLIN (Reuters) – Airbus will make no forced redundancies in France, Germany and Britain, the European planemaker said on Thursday,...
Duo glide around world’s largest fountain in Dubai
Paragliders Llorens and Goberna take magical flight above the Palm Fountain. Horacio Llorens and Rafael Goberna defied gravity to perform...