Once GDPR Goes Live, Users Want Identification Data Deleted

The new law could drain value from marketing databases

When it comes to the types of data that users want deleted after the EU's General Data Protection Regulation (GDPR) goes live, identification information stands out from the crowd.

In an April 2018 survey of 6,000 internet users in Europe by Capgemini, 61% of respondents said they want personal information like their passport and social security numbers to be deleted by organizations who they think should no longer use their data. Respondents were much less adamant about forcing companies to delete their data related to social media connections, location history and spending habits.

GDPR, which becomes enforceable on May 25, states that user data can only be used if that individual gives a company permission to do so. It matters to marketers what users want to withhold under the new law because data sets built around the information that people most want removed are likely to lose some of their value.

Given the prevalence of data leaks and fraud online, it makes sense that users are most guarded about identification, contact and financial information. However, marketers may be relieved that fewer than 10% of the survey’s respondents wanted their location history deleted.

Location data has become key to many marketing measurement processes. But many vendors who specialize in location data don’t have a direct relationship with users and obtain their data without getting consent. This makes their business models vulnerable to GDPR.

It remains unclear exactly how regulators will enforce GDPR. But the law is getting users to question how their data is being used. In a February survey of 1,050 UK internet users conducted by The7stars, nearly 60% of respondents said GDPR is making them question how much data companies have on them, and about a third of those polled plan to exercise their right to be forgotten after GDPR goes live.

"Behind the Numbers" Podcast