THERE is nothing wrong with companies collecting data and it is often in people’s own interest that it is collected, but they must have control over it and that’s the strength of the General Data Protection Regulation that the European Union has introduced.
The strength of GDPR lies in the way it gives power to individuals over their own data. You can’t blame a business for trying to collect all the data it sees fit to collect.
Companies need data and in many cases we actually want them to collect and use it. Just look at fingerprint-enabled access to your phone. It’s convenient and it makes your phone more secure. But somebody has to collect and store your fingerprint data in order for that to work. That’s just one example and of course we can all think of plenty more.
However, it is important for the meetings industry to meet the new requirements.
From a legal standpoint, if people are using apps, in-room entertainment, or rewards programmes, then by most accounts, they’re agreeing to submit some personal data.
As long as the apps or membership programmes – or whatever tool is being used to collect data – give proper notification, and as long as they offer people a clear and easy way to opt out or have their data erased later on, and as long as they’re following other GDPR-type standards, they’re square by the law.
Marc Gagné is a lawyer based in Ottawa, Canada, specialising in cyber security and data privacy
