Over half of UK consumers to activate GDPR rights within a year

The UK consumer response to the General Data Protection Regulation (GDPR) is shifting. SAS research, GDPR: The right to remain private, reveals that more people are activating their new personal data rights, and faster, than expected. At the same time, the Facebook/Cambridge Analytica data scandal has made the majority of consumers either activate their rights, or at least reassess the information they share and how organisations use it.  

 

In 2017, SAS surveyed UK consumers for their views on the regulation, revealing that 42 per cent planned to exercise their rights within a year of GDPR coming into force. However, new research from SAS shows that 31 per cent have already activated their rights over personal data, and 55 per cent will have done so within a year.

 

GDPR came into effect in May, making organisations accountable for personal data protection and giving consumers significant new powers over their personal data. These new powers include the rights to access, query and erase the data held about them by organisations.

 

One chance: the aftermath of the Facebook/Cambridge Analytica scandal

 

UK consumers have been greatly influenced by recent events, including the Facebook/Cambridge Analytica data scandal. Excepting the 12 per cent who were unaware of the story, only a quarter said it had not changed their views on data privacy.

 

The vast majority (88 per cent) of consumers were aware of the scandal and, of those, 72 per cent said it had caused them to either retract data permissions, plan to share less data or review how companies use their personal information.

 

British consumers treat data sharing as a matter of trust and have a low tolerance for data mistakes or misuse, such as having their data shared with third parties without their consent. Almost half (45 per cent) would activate their data rights after only one mistake.

 

However, the research shows that companies can win customers back through respecting data privacy and consent. Customers are most trusting of organisations that promise they will not share data with third parties (39 per cent) or will not misuse their data (36 per cent).

 

David Smith, Head of GDPR technology at SAS UK and Ireland, said: “Organisations only have one chance to get GDPR right. UK customers are embracing their new data rights faster than expected, making now a dangerous time for companies scrambling to achieve GDPR parity.

 

“Businesses that fail to respect their customers or their data risk losing both, sacrificing their competitive advantage and hurting the bottom line. Transparent data management and analytics are crucial, not only to achieve compliance but to provide personalised customer experiences that make consumers more willing to share their data.”

 

A wake-up call for businesses

 

Not all sectors have been evenly affected by GDPR. In particular, social media companies and retailers will struggle to manage the number of incoming data requests from customers. These companies are also the most likely to have their customer data erased or withdrawn from marketing purposes.

 

Other findings from the research include:

• Around 35 per cent of consumers have, or intend, to remove their data from social media companies and retailers
• The greatest number of consumers object to social media companies (43 per cent) and retailers (41 per cent) using their personal data for marketing purposes - supermarkets (37 per cent), insurers (35 per cent) and energy providers (34 per cent) follow closely behind
• Receiving unwanted emails from companies is the public’s most-hated data mistake, with 57 per cent of consumers objecting to it
• Over half (54 per cent) of consumers also strongly object to their data being shared with third parties.