mixmagic - stock.adobe.com

Half of UK consumers to exercise GDPR rights within a year

More than half of UK consumers will exercise their General Data Protection Regulation rights within a year and almost two-thirds will retract or review data use because of the Facebook-Cambridge Analytica scandal, a study shows

More UK consumers are activating their new personal data rights and more quickly than expected, according to a study by analytics, business intelligence and data management firm SAS.

At the same time, the Facebook-Cambridge Analytica data scandal has made the majority of consumers either activate their rights, or at least reassess the information they share and how organisations use it, the study shows.  

In 2017, SAS surveyed UK consumers for their views on the EU’s General Data Protection Regulation (GDPR), and revealed that 42% planned to exercise their rights within a year of the GDPR coming into force. However, the latest research shows that 31% have already activated their rights over personal data, and 55% plan to do so within a year.

The GDPR is aimed at making organisations accountable for personal data protection and giving consumers significant new powers over their personal data. These new powers include the rights to access, query and erase the data held about them by organisations.

The study shows that UK consumers have been greatly influenced by recent events, including the Facebook-Cambridge Analytica data scandal. Apart from the 12% who said they were unaware of the story, only a quarter said it had not changed their views on data privacy.

The vast majority (88%) of UK consumers were aware of the scandal and, of those, 72% said it had caused them to retract data permissions, plan to share less data or review how companies use their personal information.

The SAS study shows UK consumers treat data-sharing as a matter of trust and have a low tolerance for data mistakes or misuse, such as having their data shared with third parties without consent. Almost half (45%) said they would activate their data rights after only one mistake.

More than half (54%) of UK consumers said they strongly object to their data being shared with third parties.

Read more about Facebook and privacy

However, the research shows that companies can win customers back by respecting data privacy and consent. Customers are most trusting of organisations that promise they will not share data with third parties (39%) or will not misuse their data (36%).

David Smith, head of GDPR technology at SAS UK and Ireland, said: “Organisations have only one chance to get GDPR right. UK customers are embracing their new data rights faster than expected, making now a dangerous time for companies scrambling to achieve GDPR parity.

“Businesses that fail to respect their customers or their data risk losing both, sacrificing their competitive advantage and hurting the bottom line. Transparent data management and analytics are crucial, not only to achieve compliance, but to provide personalised customer experiences that make consumers more willing to share their data.”

Read more about the GDPR

The SAS report notes that not all sectors have been evenly affected by the GDPR, with social media companies and retailers expected to struggle to manage the number of incoming data requests from customers. These companies are also the most likely to have their customer data erased or withdrawn from marketing purposes.

The greatest number of consumers object to social media companies (43%) and retailers (41%) using their personal data for marketing purposes, followed by supermarkets (37%), insurers (35%) and energy providers (34%).

The study also shows that about 35% of UK consumers have removed or intend to remove their data from social media companies and retailers, while receiving unwanted emails from companies is the public’s most-hated data mistake, with 57% of consumers objecting to it.

Read more on Privacy and data protection

Data Center
Data Management