If you’re in the UK, sell in the UK or simply have an interest in the UK, you’ve probably had one big issue on your mind lately: Brexit.
The questions raised by Britain’s vote to leave the European Union are many, and businesses are trying hard to plan for a future that looks more and more uncertain. One big question is how rules and regulations that apply to EU countries will play out in the UK in months and years to come.
Data regulation is one of those areas that has left retailers wondering about what’s ahead.
When it comes to putting regulations in place to protect the data of everyday people, the European Union has been pretty aggressive. The recently adopted General Data Protection Regulation (GDPR), which takes effect in May 2018, outlines how companies must protect and process the personal data of EU residents. And it lays out some hefty fines – up to 4 percent of the annual turnover or €20 million – for non-compliance.
Before the Brexit vote, retailers were looking at how to implement programmes to ensure GDPR compliance. Now businesses may be wondering – does GDPR still matter?
In our view, the answer is overwhelmingly “yes,” for a few reasons.
- It’s unlikely the UK will formally withdraw from the European Union before these regulations go into effect. Your company does not want to be on the wrong side of compliance when they do.
- If the UK wants to continue trading openly in the European Union, it may choose to become part of the European Economic Area, which means GDPR will apply.
- If the UK instead chooses to forge a series of bilateral trade agreements with countries in the European Union, the question of personal data will need to be answered. This will likely mean passing significant enhancements to the UK Data Protection Act that mimic GDPR.
- Finally, when the UK exits the European Union, UK leaders may pass a law stating that all EU laws apply until replacements have been passed. Thus, GDPR would take effect until a new, similar law could get through parliament.
In all of these scenarios, GDPR plays a role, and UK retailers would be wise to comply. Compliance programmes can take two years or longer to fully implement, which means the clock is ticking.
The retail industry did spark a bit of good news recently with stats showing that like-for-like sales in the UK rose a little over 1 perfect in July 2016 compared to July 2015. Let’s take that as a sign of good things to come, if retailers start preparing now for that future.
Does your retail business have lingering questions about GDPR? Are you moving ahead with compliance?
Lee Gregory is a Business Development Director in CSC’s Retail aligned sector, where he helps retailers identify revenue and margin improvement opportunities, as well as reduce and control costs across four key areas: Customer Focused Analytics, Operational Efficiency, Secure Customer Trust and Omnichannel Engagement. Lee has worked with many UK and global retailers in the areas of luxury, fashion, grocery and general merchandise. Connect with him on LinkedIn.