On May 25th, the European Union's General Data Protection Regulation will replace the current European Data Protection Directive which only 36% of marketers have heard about. This new regulation is intended to enhance and unify the efforts currently in place to protect personal data. The GDPR applies to every organization that processes, transmits and stores personal data of EU residents. This includes organizations that are outside of the EU that offer goods and services in the EU or processes data of EU citizens. This also applies to data collected within community engagement efforts. Let's look at The GDPR as a step in the right direction to empower citizens as data owners and encourage public participation.
"Because this can affect the engagement process, it is essential that we assure participants that their information is in a safe space."
GDPR has embraced the concept of data portability, which administers a clear record of personal data so consumers can choose how they want their data displayed, if at all. This gives EU citizens the power to decide if and when they want their data to be removed from any company - essentially 'the right to be forgotten'. This empowers citizens to feel safe participating in online civic engagement as they can easily have their information removed at any time. Because this can affect the engagement process, it is essential that we assure participants that their information is safe. Using an online engagement platform for a consultation process has proven to increase response rates while centralizing data in a safe space.
GDPR requires citizens to be notified if a breach has taken place within 72 hours. This regulation encourages people to look at how their information is being used which intends to give citizens a sense of peace knowing who collects their personal data and what kind of data they collect. Understanding the significance of personal data collection commences with which data is generated and how it is being collected, used and dispersed. Informing citizens of how their personal data is used will create a sense of transparency and accountability which will empower digital civic engagement.
Ready to learn more?
Register for our Data Privacy for Community Engagement - GDPR and more webinar to find out more about general data security, GDPR and how it empowers civic engagement!
Companies that process large amounts of data must have a data protection officer (DPO) in place. A DPO is responsible for comprehensive record maintenance, staff training, company eduction on data processing, and acting as the company's point of contact with the GDPR Supervisory Authorities. Essentially, a DPO is there is ensure that The GDPR is followed.
All countries tend to have a privacy/data act of some sort, but we must question what extend it protects citizens in 2018 versus when they were drafted. Many companies have already released new terms and conditions along with privacy policies. The EU's GDPR should be a start in the right direction for the future of data rights as a fundamental civic right. Citizens place generous amounts of value in their personal data which is strongly considered as a personal asset. Companies are constantly collecting data from the personal information that people freely share.
Communication has shifted to a point where it is conducted mostly online through network platforms. An engagement platform provides a safe space to store all of your stakeholder engagement. We need to start the discussion surrounding data collection transparency, data protections and empowering citizens with their personal data. The GDPR is a foot in the door concept to acknowledging that data rights are now civic rights. Hopefully The GDPR will form conversation about empowering citizens with personal data rights which should now be seen as civic rights.