With the help of a booster-seat, Mark Zuckerberg sat very much under the media spotlight in April, while the way his organisation, Facebook, used customers’ personal data was scrutinised. The pressure is still very much on Facebook at the moment, although we can be sure it’s not the only technology giant that’s been digging through our personal data and using the insight to propagate their businesses.

But who will be the next up on the naughty step? Some say it could be Google, Amazon or Apple. These organisations have had free rein over customer data for over a decade, and it’s only now with the emergence of new data regulations that individuals are being given power over their own data. However, it could equally be a major bank.

EU regulations like the General Data Protection Regulation (GDPR) detail the ways all institutions must record, process and share their customers’ personal data. It provides organisations with clear guidance and best practice for data governance – welcome assistance for UK organisations large and small.

What the large organisations have been doing with our data

Technology giants like Google, Amazon and Apple have shown other industries the value of collect data on customers, and the financial industry in particular has very valuable data on their consumers. It’s only the introduction of GDPR that personal data is getting a definition and given more respect.

Personal data includes anything from email addresses, location, IP addresses, names, relationship status, likes, dislikes, preferences, political views, weight, height, heart rate, age – the list goes on. This information gives invaluable insight for organisations, as well as advertisers, product and service testing and, if the rumours are to be believed, even the manipulation of our behaviour.

What’s changed with data regulation?

It’s on everyone’s lips at the moment, and in everyone’s email inbox – GDPR has changed the status quo on data protection, or rather written a new one entirely. As we’ve seen with the recent Facebook and Cambridge Analytica investigation, it has become apparent it’s definitely needed as organisations seem to have been extensively collecting, sharing and using customers’ personal data without much consideration for ethics. It’s also clear that individuals aren’t happy with this and want control over their personal data again, with Facebook shedding a little over $100 billion in value following the investigation, and Cambridge Analytica having to cease operations.

The introduction of GDPR will see the financial industry face the same strong financial penalties for misuse of their customers’ personal data with the hope of deterring the behaviour seen from the tech industry. But are these penalties strong enough? Will FinTech start-ups struggle to comply with the regulation while the tech giants’ armies of lawyers manage to find a way around it through loopholes? It’s unknown exactly what the effect will be, though it will hopefully drive a new era of data governance best practices, which will benefit UK businesses’ bottom line.

What this means

The Fourth Industrial Revolution Report (4IR) found GDPR was the regulation dominating large UK organisations’ data governance programmes at 26 percent. Since the report launch, UK companies have had a bit more time to prepare for the regulation, it will be interesting to see how they have gotten on since then.

The 4IR Report also found that 56 percent of respondents felt their organisations were doing “reasonably well” at implementing data governance programmes. With the increase in scrutiny and pressure in light of GDPR this year, we may see a more negative response.

A lot has changed in data governance in the last three years, once a topic of IT professionals, it’s now drawn the attention of billions throughout the world. The pressure is on for organisations to comply with new data regulations, or face significant financial and reputational damage as a result.

46 percent of UK businesses believed the Government was doing an excellent job educating organisations about GDPR. As we wait for the first victims of the regulation, we wonder whether this sentiment has changed at all.

So, will we see UK organisations leading the way by sharing the best data governance practices with world?