The UK consumer response to the General Data Protection Regulation (GDPR) is shifting. New research by SAS, ‘GDPR: The right to remain private’, reveals that more people are activating their new personal data rights, and faster, than expected. At the same time, the Facebook/Cambridge Analytica data scandal has made the majority of consumers either activate their rights, or at least reassess the information they share and how organizations use it.
In 2017, SAS surveyed UK consumers for their views on the regulation, revealing that 42 percent planned to exercise their rights within a year of GDPR coming into force. However, the new research shows that 31 percent have already activated their rights over personal data, and 55 percent will have done so within a year.
GDPR came into effect in May, making organizations accountable for personal data protection and giving consumers significant new powers over their personal data. These new powers include the rights to access, query and erase the data held about them by organisations.
UK consumers have been greatly influenced by recent events, including the Facebook/Cambridge Analytica data scandal. Excepting the 12 percent who were unaware of the story, only a quarter said it had not changed their views on data privacy.
The vast majority (88 percent) of consumers were aware of the scandal and, of those, 72 percent said it had caused them to either retract data permissions, plan to share less data or review how companies use their personal information.
British consumers treat data sharing as a matter of trust and have a low tolerance for data mistakes or misuse, such as having their data shared with third parties without their consent. Almost half (45 percent) would activate their data rights after only one mistake.
However, the research shows that companies can win customers back through respecting data privacy and consent. Customers are most trusting of organizations that promise they will not share data with third parties (39 percent) or will not misuse their data (36 percent).
Not all sectors have been evenly affected by GDPR. In particular, social media companies and retailers will struggle to manage the number of incoming data requests from customers. These companies are also the most likely to have their customer data erased or withdrawn from marketing purposes.
Other findings from the research include:
- Around 35 per cent of consumers have, or intend, to remove their data from social media companies and retailers;
- The greatest number of consumers object to social media companies (43 percent) and retailers (41 percent) using their personal data for marketing purposes - supermarkets (37 percent), insurers (35 percent) and energy providers (34 percent) follow closely behind;
- Receiving unwanted emails from companies is the public’s most-hated data mistake, with 57 percent of consumers objecting to it;
- Over half (54 percent) of consumers also strongly object to their data being shared with third parties.