This page contains a Flash digital edition of a book.
ask questions and take action if they think an organisation is not dealing with data properly,” says Simon Bunce, director of legal affairs at the Association of British Travel Agents (ABTA). If you want an airline to forget that you


like chicken or fish or a ground carrier to erase your address for pick up, or a hotel to delete their loyalty data, you will have that right. You will also have the ability to know what data is held and who holds it. Since travel managers handle this data they may have to act on a traveller’s behalf. This piece of legislation is already gen-


erating debate across the UK and beyond, since it demands higher levels of security and compliance. The reason for this is that GDPR has teeth; break the law and your company could face a maximum fine of up to 220 million or 4 per cent of global turnover, whichever’s greater. The potential fine is so high now that it can’t be ignored. For instance, in March Flybe was fined £70,000 for sending over three million marketing emails. “The company deliber- ately contacted people who had already opted out of emails from them,” explains Steve Eckersley, head of enforcement at the Information Commissioner’s Office (ICO). “Sending emails to determine whether people want to receive marketing without the right consent, is still marketing and it is against the law.” Under the new rules from Brussels, com-


panies like Flybe could be fined millions of pounds. The airline will certainly have to review how it obtains customer consent when GDPR comes into force. The law is also aimed at promoting trust, since only


The issues that GDPR raises


• Many travel managers and suppliers sit at the centre of a complex eco-system of information that raises questions about data protection at every single node in the data space.


• This is not a box-ticking exercise, it’s about a whole cultural shift within an organisation in terms of the respect for people’s data.


• The legislation will affect all those parties handling data; everyone is responsible, from the


collectors to the processors. This is like no other piece of legislation previously.


• GDPR it just one data law; more will be coming down the line, particularly from other territories beyond the EU.


• Data integrity and information governance is everyone’s issue, not just that of the IT department.


IN DATA WE TRUST The GDPR is also wide-ranging. It has an extra-territorial effect. If your travellers’ data is sitting on a US server, which a lot is, then this will have to comply with this EU legislation. If an airline in China is holding data from a British executive they also must fall into line. Basically, anyone who handles information – processors, collators and col- lectors – from EU citizens will have to oblige.


“The huge aspect is the ‘profiling’ regulation, which could mean issues for TMCs banking on collecting a lot of data to personalise services”


one in four UK adults trust businesses with their data, according to a survey by the ICO. More importantly, data protection


issues are fast becoming reputation issues. Investors have started punishing compa- nies for security breaches. According to a study by Oxford Economics, a firm listed on the FTSE 100 becomes worse off by roughly £120 million in the wake of a breach, while share prices fall by an average of 1.8 per cent. British Airways’ recent IT debacle and data dropout is not without consequences either.


56 BBT July/August 2017


“Many organisations find themselves overwhelmed, GDPR drives a data strategy which asks organisations to consider the right data, the right context and to do so in a way that is ethical, compliant and safeguards personal data as a fundamental human right,” explains Prior. So, when asked about preparation for


GDPR many companies and organisations gave stock answers, saying they are taking the legislation very seriously. Travel buyers will have to know what data they hold about their executive travellers, why they’re


holding it and what they’re using the data for. The same applies to suppliers. This creates issues for those companies in


the supply chain that are increasingly trying to build up a detailed picture of their clients, customise loyalty and marketing directly to them. GDPR will force many travel compa- nies to rethink their strategies or at least ask for greater consent from executives. “The significant aspect is the ‘profiling’ regulation, which could mean issues for those TMCs who are banking on collecting a lot of data to personalise services,” explains Antoine Boatwright, chief information officer at Hillgate Travel.


GETTING STARTED First, GDPR means that organisations need to get started with their preparations if they’ve not already done so. The UK gov- ernment has made it clear that it intends to implement this European legislation in full, irrespective of Brexit, in a bid to pre-empt a global trend towards greater data transpar- ency and accountability. “The strengthening and unification of


data protection regulations such as this should help to drive universal standards across geographies,” states Philip Jeffs, compliance officer at ATPI. “We expect that over time it would create a much more


BUYINGBUSINESSTRAVEL.COM


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53  |  Page 54  |  Page 55  |  Page 56  |  Page 57  |  Page 58  |  Page 59  |  Page 60  |  Page 61  |  Page 62  |  Page 63  |  Page 64  |  Page 65  |  Page 66  |  Page 67  |  Page 68  |  Page 69  |  Page 70  |  Page 71  |  Page 72  |  Page 73  |  Page 74  |  Page 75  |  Page 76  |  Page 77  |  Page 78  |  Page 79  |  Page 80  |  Page 81  |  Page 82  |  Page 83  |  Page 84  |  Page 85  |  Page 86  |  Page 87  |  Page 88  |  Page 89  |  Page 90  |  Page 91  |  Page 92  |  Page 93  |  Page 94  |  Page 95  |  Page 96  |  Page 97  |  Page 98  |  Page 99  |  Page 100  |  Page 101  |  Page 102  |  Page 103  |  Page 104