How GDPR can open opportunities for APAC businesses
By Royce Teoh, Head of Digital Solutions, ASEAN, Oracle Asia-Pacific
When Tim Berners-Lee, the inventor of the World Wide Web declared data to be the “new raw material of the 21st century” back in 2011, he was perfectly describing the direction many economies were heading – from industry to insights and intelligence.
But in recent years, data has broken rank with the orderly way many other commodities adhere to time-honoured economic principles. Unlike other raw materials, the more plentiful data has become the more valuable it has become.
The European Union’s General Data Protection Regulation (GDPR), coming into effect this May, will be the latest legislative move to standardize and safeguard the use of data. GDPR will put in place a clear, single set of rules relating to how data can be used. This will enable end users to have more control over their data.
While it may seem to affect only businesses residing in the EU, this does not mean that businesses in the Asia Pacific (APAC) region will not be affected. With GDPR, organizations will have to make changes within their existing security architecture to meet new requirements. These changes should concern APAC businesses, given close business ties with the EU region. Singapore, for one, is the EU's largest commercial partner in ASEAN, accounting for about one-third of EU-ASEAN trade in goods and services, and roughly two-thirds of investments between the two regions. Adhering to new GDPR guidelines will thus be important for APAC business partnerships with the EU. This will necessitate changes to ensure compliance with new guidelines.
An opportunity, not a chore
The new regulation may feel like a burden to some, but it should be seen as an opportunity to help organizations make the most of their data. We are moving to a world driven by connected devices, the Internet of Things, and new forms of artificial intelligence.
Data can help them identify opportunities to cut costs or open up new markets
Additionally, the data a business owns can be the difference between spotting the next big opportunity in their market or seeing a rival power past them. That data can help them identify opportunities to cut costs or open up new markets. It has a value that needs to be not just acknowledged but recorded and accounted for.
A worldwide survey by Gartner asked respondents to rate their organizations according to Gartner's five levels of maturity for data and analytics. The survey revealed that 48 percent of organizations in APAC reported their data and analytics maturity to be in the top two levels. This compares to 44 percent in North America and just 30 percent in Europe, the Middle East, and Africa (EMEA).
With this in mind, APAC businesses already have a head start, and are more mature when it comes to data analytics, compared to their global counterparts. Businesses in the region are well-poised to benefit from stronger data management to enhance their use of data, ultimately mining more strategic opportunities for their organization. In other words, given their maturity with data, there is more to gain for APAC businesses when GDPR finally implements in May 2018.
Regulations on the rise
Building on this, businesses should view GDPR as an opportunity to better align their organizations. Data protection regulation will only become more nuanced, and a clear view of how data moves across the business will be critical to staying on top of change – in addition to helping companies work more efficiently.
In the same way business finances are carefully audited, detailed, recorded and regulated, the recognition of data is reaching a similar point of maturity. The financial good governance of a business is inextricably linked to its value, and the same can be said of data.
In this regard, data is maturing in a similar way to other raw materials. Its discovery and the creation of ever more efficient ways to mine it and collect it hinted at an inherent value. But its true value only started to be unlocked once people started creating things using the raw material. Now those uses of data have reached such a level of value to business, it is becoming subject to more stringent standards and controls to safeguard its value and availability while ensuring its responsible usage.
Seizing the opportunity of the data economy
In conclusion, businesses in the region should not wait passively for GDPR to arrive and do the minimum required in the name of compliance. By acting now, companies will guarantee their approach to data is compliant and gain the confidence to continue delighting customers with better, more personalized services. Major changes can in turn bring about major opportunities, but only for organizations that are proactive and look beyond short-term regulatory burden.