The DPOInsider covers the latest news and developments in data compliance and privacy. The DPO’s favourite weekly read ☕️

This week on DPOInsider, I wanted to do a special edition on a single topic.

Previously I have spoken about how as DPOs, we can easily fall into the trap of seeing data privacy as an obligation.

In fact, many business stakeholders also see privacy like this.

But what if data privacy and compliance can be a differentiator for businesses.

How can privacy be an enabler?

First, the schpeel you’ve all heard before:

• More companies are using more data

• More consumers are concerned about how their data is used

• More consumers continue to expand their online activities (i.e. produce more data)

So why are we (as DPOs, and business stakeholders) not using best-in-class data privacy as something to set us apart from the competition?

The time for this opportunity is now

It’s not entirely new for businesses to use data as a differentiator. Remember back in 2018 when the GDPR came into effect?

Many businesses went beyond compliance, using it as an opportunity to explore the business potential of their data sets.

The short of it was that better data privacy = competitive advantage + improved reputation + business enablement.

But this equation is even more relevant today. Privacy-conscious consumers are increasingly looking for greater assurances that their data and trust are not abused.

These consumers can (and already have IMO) adjust their buying decisions based on their trust in an organisation.

That’s why I believe there’s never been a better time to leverage data privacy as a business enabler.

This opportunity isn’t just for B2C businesses. It also applies to B2B companies.

Yeah, but how do I do this for my business/organisation?

1. Stakeholder engagement - if your senior management team aren’t singing from the same song sheet, then you need to try and instill this mentality at the top. Look at the business’ high-stakes processing activities from a different perspective with stakeholders. Rather than reducing risk, talk about the business opportunities for better processing.

2. Build a clear view of the data you hold - to let data privacy work as a data enabler, you need to understand it. This means getting a clear, up-to-date view of the data at every stage of the lifecycle. I prefer tools that can give me daily updates and are directly plugged into our company’s datasets, as opposed to manual updates from disjointed siloes and departments.

3. However regularly you are doing audits, do it more frequently - if you’re going to pitch better privacy as a USP, then you need to be sure your house is in order. Automated audits can be a great starting point. I’ve spoken to DPOs who run audits once a year. That’s not enough with today’s speed of data onboarding.

4. Scream about your privacy vision - okay, maybe you don’t need to scream, but talk about it in your company’s messaging. Is this messaging reaching consumers when deciding to use/buy your product/service? Also, communicate this internally, so they know how important privacy is for your organisation.

Alright, what else happened this week?

Alright, I’ll leave you all a few links to keep you satisfied.

• The backlash to the UK’s announcement last week to diverge from GDPR. Leading the way - marketers.

• Some privacy experts discuss how GDPR has changed since its implementation.

• Finding the balance between innovation and security in healthcare.

As always, thanks for reading. If you enjoy this newsletter then please do share it with colleagues who would find being a part of this conversion valuable.

And feel free at any point to reply with any questions, ideas or submissions for future editions!