A new global study released by Pegasystems, the software company empowering customer engagement at the world’s leading enterprises, revealed 82 percent of European consumers plan to exercise their new rights to view, limit, or erase the information businesses collect about them. With game-changing EU regulations taking effect in May 2018, businesses must be prepared to comply with these requests or risk millions in government penalties.
The EU’s General Data Protection Regulation (GDPR) will hand European customers ultimate power over all the data businesses store and process on them – from name, address, and phone number to purchasing history, web browsing activity, and real-time location. But saddled with sprawling legacy systems, most enterprises cannot adequately track how and where they store all this information across their siloed organizations. Now global businesses are scrambling to rearchitect their IT infrastructure to prepare for an onslaught of GDPR inquiries. In fact, Gartner predicts that, “by the end of 2018, more than 50 percent of companies affected by the GDPR will not be in full compliance with its requirements.” (1)
Pega surveyed more than 7,000 consumers in seven EU countries to help businesses anticipate how frequently their customers plan to use their newfound rights come May. While awareness of GDPR itself is low today, consumers are overwhelmingly interested in querying companies that hold their personal information. For example, 90 percent want direct control over how companies use their data, while 89 percent want to see the data companies store on them. However, only 21 percent know what GDPR is or what it will enable them to do, indicating that widespread consumer action may be delayed until more awareness of these rights reaches the mainstream.
The survey reveals several other trends for businesses to watch as GDPR moves closer to enactment:
Consumers primarily just want to see what businesses know about them
Among the many new rights that GDPR will grant consumers, they view the ‘right to access’ as the most critical. According to the survey, nearly half (47 percent) identified the ability to simply see the data companies possess on them as the most important right. The top three new GDPR empowerments in the minds of consumers are:
- The ability to be informed about what personal data companies hold on them (47 percent selected as most important)
- The ability to demand companies erase their personal data (22 percent)
- Visibility into knowing when their personal data is used to make automated decisions (9 percent)
Lack of trust can drive more GDPR data requests
Consumers that suspect companies are improperly using their data are more likely to exercise their GDPR rights than others. For example, the survey found that businesses caught selling or sharing customer data with other companies would cause the most alarm for respondants. The top three scenarios that would trigger consumers to launch a GDPR data inquiry include:
- Finding their data was sold or shared with other companies (selected by 45 percent as the top reason)
- Receiving robo calls or telemarketing calls (14 percent)
- Being marketed to for irrelevant products or in wildly inappropriate ways (12 percent)
In addition, 93 percent said they would erase their personal data if they weren’t comfortable with how they thought companies used it.
Retail and Italian businesses will feel the most GDPR heat
The survey showed that retail companies have the most reason to be concerned about GDPR. By far the most respondents selected retail as the industry they were least comfortable with storing their personal data – nearly three times as much as the next closest industry. The top three are:
- Retail (selected by 45 percent)
- Telecommunications (16 percent)
- Government (15 percent)
Among the seven EU countries surveyed (UK, France, Germany, Spain, Sweden, Italy, and The Netherlands), the top three nationalities most likely to use their GDPR rights are:
- Italy (90 percent plan to use GDPR rights)
- Spain (89 percent)
- France (86 percent)
While UK residents were the least likely to act on GDPR at 74 percent, this still represents a significant majority of the country.
To see the complete data from the study, download the eBook, “GDPR: Show Me The Data,” at www.pega.com/GDPR-survey. For information on how businesses can prepare for GDPR, please visit www.pega.com/products/cloud/pega-trust-center/gdpr
“Our study suggests that most consumers will be eager to exercise their power to more tightly control the data businesses store on them,” said Jeff Nicholson, vice president, product marketing, CRM, Pegasystems. “But while the prospect of mass data inquiries may induce panic at some companies, savvy businesses are instead viewing GDPR as a golden opportunity. If businesses set their strategy correctly, the very same infrastructure that will enable them to comply with the regulation can actually underpin future success to deliver better customer engagements.”