With Europe’s General Data Protection Regulation (GDPR) heading into its second year, many companies are using the milestone as an opportunity to re-evaluate data strategies and take a fresh look at the data privacy landscape.

We recently covered the latest implications of GDPR and what’s in store for businesses and data privacy in the year ahead, including more regulation and steeper fines for non-compliance. In this post, we tackle the topic from the consumer’s perspective.

A recent Wired article offered readers a personal guide to data and who’s using it. The piece serves as a great resource for anyone living in today’s data-driven world, while also providing some great insights for business leaders navigating the ever-changing world of data privacy.

Why does it matter?

Because data is fast becoming today’s most valuable business asset—if it’s not already. According to the Wired guide, “Data powers today’s most profitable corporations, just like fossil fuels energized those of the past.” When it comes to data, it’s not just how much you have, it’s what you do with it that counts. This includes capitalizing on improved internal efficiencies, better decision making, and faster innovation—or simply selling existing data to fuel new revenue streams.

According to the Wired article, the most sensitive data stored online includes people’s health records, banking info, social security numbers, and the like. But personal data collection and usage does not end there. Social media posts, location data, Google searches, and even how people use their phone’s touch pad are all being tracked and analyzed to improve sales conversions and create better experiences. Personal data is also being used by artificial intelligence to train systems and help spot fraud and criminal activity, among other things.

Data brokers are also in the mix, collecting and selling information on people that’s already in the public domain, like marriage licenses and real estate transactions, or buying it from businesses like retail stores. They then turn around and resell the data to others. In total, “American companies alone are estimated to have spent over $19 billion in 2018 acquiring and analyzing consumer data,” according to the article.

As a result of the Cambridge Analytica scandal in early 2018, consumers today are at least somewhat aware that their data is being collected and used in exchange for many of the free services they use everyday, including social media platforms and mobile apps. But only the digitally savvy know all the ways personal information is being used and whose hands it ends up in. This includes not just advertisers, but also academic researchers, law enforcement, foreign governments, and even hackers.

What can businesses do?

Today’s new emphasis on data privacy could actually be a positive development for businesses. Below are just a few ways that you can build on your GDPR efforts and be better prepared for what’s next:

1. Build Digital Trust: More than ever, customers only want to do business with companies they trust. In today’s digital age, this requires clearly communicating with customers on data collection and usage and letting them know you are in compliance with local regulations.

2. Revisit Data Strategies: There’s no better time than now to look at how your data strategies address consumer privacy, especially for areas like customer data monetization and proactive offers and engagements. This includes looking at ways to further classify and categorize data to derive great insights and improve efficiency.

3. Be Better Prepared for New Regulations: GDPR was just the start. Forthcoming data privacy regulations are coming from all around the world. Evaluate your company’s performance since GDPR went into effect and identify areas of improvement. Make adjustments and use the newfound knowledge to improve your company’s execution for the next regulation.

To learn more, including how companies are improving data classification and driving cultures of compliance, check out this recent APEX of Innovation post on data sovereignty.