Recent penalties against Google and Vodafone underline need for stronger data strategies
Google and Vodafone Spain recently faced a €14 million fine by the country’s data protection authority, with reports revealing that the total number of fines for GDPR enforcement now totals €1.6 billion.
Almost half of this total relates to a single payment: a €740m fine issued to Amazon by Luxembourg’s data protection watchdog in July last year.
The fine was a result of a collective complaint filed by 10,000 people who argued that Amazon’s targeted advertising system used their personal data without their consent. The e-commerce giant is in the process of appealing the ruling.
New data privacy rules
Four years after the General Data Protection Regulation (GDPR) came into effect in the EU, the threat of fines for businesses continues to grow as a host of new regulations and enforcements are set to come into effect this year, including the Data Governance Act and ePrivacy Regulation.
Data consultancy Dufrain has urged telcos businesses to do more to ensure they have proper data governance processes in place to protect both themselves and their customers from data breaches.
Gerry Goodwin, sales director at Dufrain, said: “The fine imposed on Google and Vodafone shows that, four years on from the implementation of GDPR, the regulators are as stringent as ever in its enforcement.
“Focusing on implementing a data strategy that encompasses all aspects of data usage, ownership and management is vital for avoiding potentially crippling fines, especially as the world becomes increasingly digital.
”In the first instance, that means knowing where all their data is and how its stored and used, both to mitigate data breaches as much as possible, but also to ensure that they can make the most of the data in a compliant way to develop the business and drive growth.”
Mitigating the risk
Dufrain outlines the following steps telcos can take to manage their data effectively and mitigate risk.
- Sorting out unstructured data
Unstructured data, that is data held by an organisation that cannot be used or detected by technology, presents a serious compliance risk for telcos, which are typically exposed to huge amounts of personal customer information.
Common examples of unstructured data include emails, PDFs or documents saved via Microsoft Teams, but data left in this way can mean businesses breach data protection laws and face the threat of potentially crippling fines.
Bespoke technological solutions can be implemented to bring unstructured data under control in the same way as structured data, making it easier to manage and mitigate risks before they arise.
- Prepare properly for mergers and acquisitions
Deal value for M&A in the telecommunications sector rose by 48% in 2021 with ‘scale deals’ – when companies merge to increase market share – making up the bulk of activity.
To reap the full benefits of M&A activity and scale up, the data of the two companies must be combined. However, this migration is often slow and inefficient as businesses have to merge masses of data from many disparate systems. Technical solutions that are designed to speed up and simplify the data migration process can be extremely cost effective and allow businesses to properly integrate data from an acquired or merged business into their reporting.
Ensuring that businesses have oversight of all data guarantees it is stored properly, while also driving better informed business decisions and profitability.
- Implementing a strong data governance strategy
By developing an overarching data governance strategy, businesses improve the quality of data to drive effective decision making for the future while also ensuring that all information is stored safely to eliminate the threat of fines for non-compliance.
Data consolidated in one central, organised system means that insights from all areas of the businesses can be drawn upon to inform decisions that enable growth and better meet customer needs.