We’re on the eve of full enforcement of the European community’s General Data Privacy Regulation (GDPR). Looking exclusively at the world of automated self service and intelligent assistance, the impact of the new laws is subject to much debate. The frequency of “GDPR” as a search term is dramatically trending upward. According to Doc Searls, who delivered a keynote address at the Conversational Commerce Conference in London, it is on course to destroy AdTech as we know it. O’Reilly Media’s Andrew Burt asserts that it very well may preclude brands from subjecting information to “unsupervised machine learning”. It should send shudders through the ranks of 6,829 firms in a list compiled by Martech guru Scott Brinker.
Amidst all the uncertainty surrounding the impact of GDPR from the point of view of Intelligent Assistance, a level of certainty has grown surrounding the idea of regulatory compliance. From both a legal and IT perspective, brands are receiving a wide range of counsel about steps that need to be taken to adhere to the letter of the law when it comes to protecting an individual’s rights to privacy as well as their ability to control the information they choose to share with brands and advertisers.
Now, in anticipation of GDPR’s effective date of May 25th, Interactions LLC offers its clients access to a new application programming interface (API) to support their efforts to comply both with the European Economic Area’s (EEA’s) regulations, as well as the U.S. Commerce Department’s “Privacy Shield” certification. As a long-time business process outsourcer to banks and other businesses, Interactions has already developed systems and protocols to protect the security of the personal data that it has received and stores on behalf of its clients. Transforming these capabilities into an API simplifies the process of incorporating data security and privacy into the conversations supported by the intelligent virtual assistants that are powered by Interactions’ platform.
Beyond “Informed Consent”
“Informed Consent” has been a central concept for GDPR and many brands are scrambling to gain “repermission” to capture and employ personal information from callers. As a leading provider of Intelligent Virtual Assistance over voice channels, Interactions has a long history of pursuing best practices in pre-call disclosures that lead to informed consent. GDPR adds several other elements that the new API accounts for. The product announcement calls out two specifically:
- “Right to Access” – Using the API, the customers of Interactions clients will be able to request and receive an an electronic report that contains all the personal information that is being stored in Interaction’s database
- “Right to be Forgotten” – In compliance with GDPR standards, the API automatically provides a confirmation of the erasure of personal data, complete with a date and timestamp.
Through the API Interactions’ clients will obtain an electronic personal data report or a record of the fulfillment of the requested erasure. These are simple, but powerful capabilities.
A Milestone in The Long Journey to CustomerTech
The imposition of GDPR is days away and marks a milestone in a very long journey toward individual’s taking true control of their personal data. The aforementioned Doc Searls has been spearheading efforts of a group academics, developers and solutions providers that started 10 years ago under the name Project VRM (for Vendor Relationship Management) at Harvard’s Berkman Center for Internet and Society. As the reality of self-sovereign identity, customertech, customercommons and even GDPR take shape, the name “VRM” may not survive, but its spirit is baked into every service offering, like Interaction’s API, which give customers the tools to take greater control of their own data and metadata.
You can track progress here and on the Customer Commons Website, where you may be interested to note that support is building for celebrating May 25th as #PrivmasDay.
Categories: Intelligent Assistants