GDPR: The Key to Unlocking the Value of a Digital Single Market is Automated Voluntary Consent that is Controlled by Me


The question is how?

Consumers want three things:

  1. Convenience
  2. Privacy
  3. Control

The business wants:

  1. Simple integration
  2. To make money

Now how do we align these two stakeholders?

First we need to understand that the Internet was never designed with either security or privacy in mind.

It was also never designed to know who I am, what device I’m connecting with, or where I am. (Source)

So how do we solve these problems AND show that business can profit from Privacy?

There are three design considerations:

  1. A cloud-based consent service
  2. The business manages the consent mechanism
  3. The consumer simply transmits the consent each time they connect

Two of those options cost money to implement and maintain – one of the options makes money and is self-maintaining.

Without getting too technical let me explain.

Option 1 takes the building and maintenance away from the business, but due to its design introduces a liability. Why? Because if for any reason the third-party service is not available then the business is out of compliance. And the only business model the service has, is to charge the business as a broker of consent. Considering how many transactions will require consent the undertaking for monetization at scale is daunting and a cost to the business which lowers margin.

Option 2 is costly to build and maintain. However, it does offer a unique advantage — the business is only out of compliance if their business is unavailable. They’ve removed a third-party operational impact; however, they’ve increased their own costs which again lowers margin.

Option 3 (there’s now an app for that) is the simplest, cheapest and easiest to implement. Why? Because of its unique design. Each time the consumer connects to your business via the Internet the Web connection carries their real-time consent information in the form of encrypted data that can then be decrypted and read with a simple script. For more information on how the technology supports your business model click here.

Consent should always be voluntary – I should have a choice in what data I give for what I receive, and from whom I receive it. By allowing the consumer to remain in control of the collection, flow, use and assignment of their private data, the business can build a more trusted relationship with the consumer without costly infrastructure changes.

This now aligns the consumer with the business and turns privacy into a competitive advantage that can also be profitable.

Posted in: GDPR, Privacy by Design

Email Subscription