British retail businesses are less prepared to comply with the General Data Protection Regulation (GDPR) than their German and French counterparts and are also more likely to view data transfer as a significant threat to their business. This was the overall finding of a survey of 277 senior British, German and French retail executives conducted by Oliver Wyman. The survey aimed to explore the risks and opportunities associated with GDPR, which comes into effect on 25 May.

The research found that:

• 46 per cent of senior retail executives in the UK say their organisation will not be fully compliant with GDPR when the law comes into effect;
• this compares with 32 per cent in Germany and 39 per cent in France said their organisation will not be fully compliant;
• 71 per cent in the UK believe that data transfer poses a ‘significant threat’ to their organisation;
• this compares to 65 per cent in Germany and 56 per cent in France;
• a minority – 17 per cent – of executives across all markets view GDPR purely as an opportunity;
• 78 per cent report that owning, managing and working with customer data plays an important role in their business;
• 26 per cent say it is “fundamental to everything they do as a business”;
• on average, organisations are devoting 10 employees, including six new hires, to GDPR in an effort to ensure compliance
• 56 per cent of executives say their companies are introducing stronger data security measures to increase customer’s trust;
• 40 per cent are exploring price and service incentives for customers who don’t request that their data is deleted or transferred.

Consumers unconcerned about data privacy

The impact of GDPR could be marginal unless there is a fundamental shift in consumer behaviour, warned Oliver Wyman's Duncan Brewer, who commented: “While UK retailers are taking GDPR seriously and investing resources in the lead up to the enactment of the EU regulation, it appears they are claiming to be less prepared and more likely to view the legislation as a threat than those in other European markets. Across Europe our research shows that senior retail executives are very concerned about data deletion and transfer. Yet it would require a fundamental change in consumer behaviour for retailers to be inundated with customer requests as we are seeing little concern for privacy among consumers. Most consumers are likely to continue to offer their data in exchange for improved services and convenience.”

---

CTMfile take: The survey shows that retail organisations are devoting 10 employees, including six new hires, to the task of GDPR compliance. How does your organisation compare in terms of dedicated personnel?