blog image

The Chilling Effect on Privacy

May 16, 20234 min read

Introduction:

My recent experience at trade shows and conferences has illustrated one thing very clearly.

There are people who don't want you to talk about privacy.

Usually because they think such a discussion will clash with their own personal or corporate agenda. Which is a nice way of saying they think it will get in the way of sales. The truth is there is a chilling effect on discussing privacy issues which is going to cause you problems very soon.

I can give you two examples from the last week alone.

Example 1 - Let's wait for something less complicated

At a recent data protection conference in London the latest UK government proposals for changes to the Data Protection Act 2018 were introduced.

Known as "DPA18" for short, this is the UK legislation which includes the UK GDPR, which is our version of the EU General Data Protection Act.

There is a lot of debate in my world of data protection and privacy about just how good the proposed changes are.

For my part there are some critical parts which need to change and a lot which should be left alone. Businesses need certainty. Fannying about with data protection legislation simply to scratch out all the EU flags it contains and replace them with Union Jack stickers is no way to deliver certainty.

We'll see what happens.

However it was the reaction of some in the hotel industry which concerned me most. Comments from leaders in some quarters to the effect that they were looking forward to something "easier to comply with" and that it was worth waiting for the changes in the law before doing anything more.

Now, I have to say this. We're looking at a hotel industry in the UK which in general, if it has done anything about the way it manages personal data and privacy, has done the bare minimum.

To carry on to do even less until someone makes it easier in the future is to put the needs of your customers and staff well below your own.

With consenquences that will come back to haunt you.

A similar approach is often taken by technology vendors. The argument goes something like this,

"The UK will change approach to be more like the USA than the EU, so you should just wait for that."

Awful. Awful advice. Of course there was a lot of snake oil, fear and confusion sold in the run up to the introduction of the GDPR and Data Protection Act back in 2018. It is disappointing to find such nonsense still being peddled when what hoteliers really need is some support to help them realise the value in the data they use.

Example 2 - Let's change the subject

The second example was from a fascinating webinar about the use of technology in hotels. In particular the use of Artificial Intelligence or AI.

It seems that everything has an AI driven component these days, whether it needs it or not.

One of the speakers noted that as hotels seek to take advantage of "personalisation" and would need access to data, so the issue of privacy would become important.

A second speaker contributed that in his opinion this was correct, and that compared to the challenges of getting privacy right for hotel websites, the privacy issues connected with the use of Artificial Intelligence (AI) were, and I quote, "an order of magnitute bigger". There would be, in his opinion, significant challenges to overcome, which might take years.

an order of magnitude bigger...

What was the response of the webinar host to this comment?

I'll tell you.

It was an instant changing of the subject. Moving the discussion on to something completely different.

"Privacy" was not seen as a topic which needed any further debate.

Why this matters to your hotel

You can't let self appointed industry "leaders", technology vendors and commentators use their own agenda to set a jaundiced approach for you. Especially not where data protection and privacy are concerned.

The hotel industry in the UK has done a poor job of putting the privacy concerns of customers and employees first. As such the industry is now unable to make the best use of the personal data needed to find and make new customers and keep them coming back, or to find new people with skills and encourage them to work in a hotel. And return for the next shift.

The debate needs to be about how to make safe and effective use of people's information to achieve the goals you set yourself. That's how you will find ways to "comply" with data protection regulations - because you will be driven by the right things, by positive outcomes, building trust in your use of data to drive revenue and build relationships.

There needs to be an open, honest and realistic debate about this. We all need the talk to be heated up, not chilled to the point where it becomes frozen stiff.


blog author image

Allan Simpson

Privacy management blogger

Back to Blog