The EU’s General Data Protection Regulation (GDPR) is a sweeping piece of legislation that will manifestly change how data is used, protected and controlled. Despite the recent deluge of media coverage, research continuously shows that most businesses are either unprepared or completely unaware of GDPR’s existence.

Whether this is an accurate picture is questionable, however, what is true is that the vast majority of the narrative is negative. In many cases there is simple scaremongering with hyperbolic headlines about punitive fines forcing businesses into bankruptcy or an end to traditional marketing as we know it.

These views are both misleading and entirely missing the point of GDPR. It is a force for good, empowering people, promoting transparency and accountability, and a mechanism to improve marketing, customer service and a host of other business processes.

The point of GDPR

GDPR will be fully enforced from May 2018 and, yes, failure to comply could result in a €20 million fine or 4% of global turnover. The operative word is ‘could’, the regulation was not envisaged as a stick to beat organisations. Rather, the point of GDPR is to create trust between organisation and people regarding personal data.

Without trust there is no future for marketing personalisation, AI, self-driving cars, social media, the internet of things, and a near endless list of existing and emerging innovations.

GDPR rebalances control of data back in favour of people by making transparency a requirement and letting people choose what data they share, how it is used, kept and analysed. It also aims to make data more secure and businesses more accountable for breaches. In short, it will end the unsustainable practices we currently have with data.

GDPR is a driver of innovation and efficiency

To start on the road to compliance, organisations need to invest in data management. This should not be viewed as an onerous task because the benefits of efficient management of data are staggering.

Data management infrastructure enables an organisation to ‘port’, delete and amend all the data they hold on a customer if requested – key requirements of GDPR. It also provides a ‘single customer view’, which many data professionals will tell you is an incredibly powerful tool.

By having all the data and interactions a business has with each customer viewable in one place, customer service, marketing and sales can become much more effective.

For example, how many of us are frustrated that a customer service representative on the phone has no knowledge or access to the complaint we originally emailed or raised on their customer support service?

A single customer view makes that a thing of the past. It’s also the tip of the iceberg as it also prevents duplication of marketing efforts on different channels, facilitates a more effective sales strategy by tracking each customer or clients’ journey, and opens the door to a host of data science technique.

Data science, the advanced analysis of data, is among the many innovations GDPR will better enable or necessitate. Having consented, clean, centralised and accessible data from across an organisation allows in depth analysis and the generation of insights that can improve, among other things, product development, marketing personalisation, sales projections and supply chain management.

However, when it comes to data the quality matters much more than quantity, and again, GDPR provides the answer.

GDPR will drain the swamp

Explicit consent is a crucial component of GDPR. It means that people need to clearly opt-in to receive marketing messages, and permit their data to be analysed and stored by an organisation. This consent can also be revoked at any time. Should marketers be fearful? Absolutely not.

To get GDPR ready, every organisation will essentially need to run a marketing campaign to gain opt-ins for future communications. This might eventually cut a customer database down from 200,000 to 50,000. However, these 50,000 customers clearly want to hear more from a business. Consequently, marketing effectiveness will vastly improve.

Businesses will spend less money on sending high volume ‘spray and pray’ messages and instead focus on a core database of people that are much more likely to buy from them. The quality of marketing messages will also need to be high to maintain consent, which should drive innovation and raise marketing standards across the board.

Finally, the analysis of the impact of each marketing campaign will generate much more meaningful insights because the pool of people is already engaged. Put another way, if you know the people you are communicating with you want to hear from you and you send an email campaign that has terrible results, you know that your message or product was clearly wrong, not that your audience is generally disengaged.

What GDPR demonstrably kills, which is cause for celebration, is spamming.

GDPR will benefit you and me

Most of us have that nagging suspicion that a business knows too much about us, our personal information is being constantly sold to third parties or the database our bank details is on is password protected by the word ‘password’.

We’ve also all probably felt that the marketing message we received was a little too personal, or we could have sworn we explicitly told a company to stop contacting us. All of these thoughts and experiences can leave us feeling powerless. GDPR changes that forever.

No longer do you need to worry what information an organisation is storing on you – you can demand they send it to you and delete the information you don’t want them to have.

Data sold to third parties? Not allowed unless you expressly consent to it. Security of your data improved and penalties for failing to protect it? Check. Opt out of any communication and legal recourse if the company doesn’t comply. Yes!

The list goes on but the result is a complete rebalance of power over data in favour of people and if done correctly, an opportunity for businesses.

GDPR is not a harbinger of doom for businesses but the key to restoring trust with customers and driving innovation and efficiency. It is up to business leaders to embrace GDPR not fear it.

Julian Saunders is founder of data management and GDPR compliance solution PORT.