EU GDPR , not hard to address - just think differently

When I am discussing with clients the potential impact on their business processes of the forthcoming EU General Data Protection Regulation (GDPR), I am invariably asked for an example and I always endeavour to identify one appropriate for their business environment.

Imagine therefore, my delight when one, which is applicable to more than half the UK population, landed literally on my mat this morning.

The example in question was a letter from our local Electoral Registration Officer (ERO -the council chief executive) explaining that there are now two versions of the electoral register: the existing ‘electoral register’ and the new ‘open register’, but I didn’t need to do anything as I had automatically been put on both.

In the UK, the electoral register lists the names and addresses of everyone who is registered to vote in public elections, it is also used for detecting crime, calling people for jury service and checking credit applications. The new open register is an extract from the electoral register which can be sold to any person, company or organisation, in most cases for marketing by the person buying and to raise income for the ERO selling.

One of the central requirements of the forthcoming  GDPR is that there is ‘explicit consent’ for the use of personal information, with a few exceptions for national security and public health. Therefore under the Regulation, rather than the wording of my letter being ‘Your name and address will be included in the open register unless you ask for them to be removed’. The wording needs to state ‘Please confirm you are willing for your information to go on the open register’.

This may make my ERO balk, because rather than a few members of the electorate ringing up his team to be taken off the open register i.e. ‘opt-out’, his team would potentially have to deal with a much higher number of requests to ‘opt-in’.

However, if the ERO looks again at the process; each year he sends a letter to the ‘head of the household’ requiring them to list the names and dates of birth all residents who will be 18 before the next election. It would be a simple change to require there to be a signature against each name confirming that that person wishes either to ‘opt-in’ or ‘opt-out’ of the open register. This should be compliant with the GDPR and as a bonus it could reduce the current opportunity for electoral fraud.

As I said in a recent AIIM webinar organisations need to see the GDPR as an opportunity, not an overhead, those that don’t will be caught by the regulator and it will cost, both in reputation and fines (up to €1 million or 2% of annual global sales). My suggested change to process will not cost the ERO any more than now, and may even save him the costs of some of his team answering calls from the worried electorate.

Data as a Service = intelligence on-demand

Oracle’s Data as a Service (DaaS) solution (already unofficially dubbed Oracle Data Cloud) could be a key differentiator for a wide range of organisations, but will be of particular advantage to smaller businesses, giving them more business intelligence breadth than larger rivals.

DaaS exploits both the data platform gained through Oracle’s acquisition of BlueKai, earlier in 2014, and its recently announced Oracle Big Data SQL. The BlueKai Audience Data Marketplace is a highly regarded tool for personalising marketing campaigns. Oracle Big Data SQL, announced last week at the Interact 2014 Summit provides a single tool query across Oracle Database, Hadoop and NoSQL.

Intended to be linked into other Oracle applications, DaaS not only supplements, but fills in the gaps in organisation’s business intelligence, by using Oracle’s cloud to pull and cleanse information from publically available sources, to give ‘trustworthy’ and ‘transparent’ information. Basically it is using Oracle’s cloud services as an intelligence function, and is of course most immediately relevant to organisations with an existing Oracle infrastructure, whether on-premise on cloud.

Available by subscription, there are two initial flavours of DaaS. The first, Oracle DaaS for Marketing, which brings in a reported one billion profiles and information from 300 Oracle partners, is available now. The second, Oracle DaaS for Social, reportedly gathers information from in excess of 700 million social messages and items of news data collected from 40 million sites including Facebook and Twitter, but is only available on application to Oracle.

DaaS for Marketing and Social are certainly the ‘low-hanging fruit’ from the BlueKai acquisition. However, the potential of DaaS in other areas where Oracle is a major player, such as Sales and Recruitment applications, to speed process and reduce risk will be of significant benefit to those enterprises already on an Oracle infrastructure. 

Oracle DaaS goes up against IBM’s Watson Content Cloud and services provided by the likes of Experian, I expect other providers to follow suit.

However, here’s a thought; Oracle could ‘steal a march’ on its rivals by giving DaaS integration into its rivals enterprise platforms. After all, organisations, which often have multiple enterprise systems will not want multiple ‘trustworthy’ and ‘transparent’ ‘Data Clouds’.