I defined the EU’s General Data Protection Regulation (GDPR) and its implications on businesses dealing with clients in the EU in my last blog. I pointed out that being in India does not remove you from its jurisdiction. The EU’s reach is long and the massive potential fines pose an existential threat to most small to medium sized businesses so if you are ignoring its impact, you do so at your peril.
It is an enduring fact that all businesses operate within the parameters of laws in their countries. Often, some regulations that are not directly enforceable in their countries and are under a bigger international umbrella tend to be put on the back burner of recognition, acceptance and compliance.
GDPR has the best intentions, in an age where cybersecurity, encryption and embedded systems are only safe until the next malicious hacker shows up, as serious data breaches in an international hospitality chain, a major Japanese consortium, and a British association of travel agents have already gravely illustrated. GDPR has stirred up what could be a hornet’s nest, once the gravity and implications sink in with the travel industry and it acknowledges that such regulations have penal implications that cannot be ignored. Most travel businesses treat client data with a degree of care that their best practices allow or are governed by laws in their country. For instance, Australia has stringent privacy laws that demand very careful treatment of client information and stipulates the deletion of such data from the business records once the purpose of obtaining the data is complete. Nicolette Hughes, director of product strategy and innovation at The Association of Superannuation Funds of Australia commented: “We treat all such data as sacrosanct and abide strictly by Australian laws. Incorporating GDPR will not be very difficult considering we already follow a discipline in the data collection and storage practice.” For instance, information pertaining to dietary preferences is considered strictly confidential in Australia. So after each event a hotel or a PCO must delete such information.
Hugo Slimbrouck, director of strategic partnerships at Ovation Global DMC, considers GDPR to be “like an approaching train which does not seem to be moving fast till it is almost upon you.” Although grey areas remain, the interpretation of GDPR and its compliance processes for various types of travel businesses will not only affect the collection and use of personal client data but also affect the marketing of events as often contact information is available on websites which are then used to email such prospects. Now, one must seek permission to email them unless one can prove ‘legitimate interest’.
Mona Abdul Manap, ceo of Place Borneo, a Malaysian DMC states candidly: “Most companies are blissfully unaware of GDPR and are yet to take cognizance of the fact that they need to comply.” For many companies in Asia, much business is conducted with other Asian companies so the segment of business with EU is not significant. That leads to apathy and the lack of urgency to deal with such issues.
The additional cost of obtaining client information, storage and security, deletion and access to clients to exercise their option of retaining or deleting partial or complete data, as well as the appointment of a data protection officer, all adds to additional fixed expenses to be incurred. The cost implication is yet to be assessed.
Compliance with GDPR in Asia seems like a long haul at this nascent stage. Firstly, Asian companies need to understand the implications and extent of confidentiality of client information and how to deal with it. Secondly, the implications of penalties consequent to any breach of the norms need to be determined. Thirdly, the methodology of compliance, how easy or difficult it will prove to be, is complex.
But if you are working with EU clients or suppliers, you need to comply.
The Kuala Lumpur Convention Centre (KLCC) will add 11,000 sq m of flexible, multi-purpose space to bring its total space inventory to 33,659 sq m this year, enabling organisers to host multiple concurrent events and congresses. The additional space, which will have a direct link to the existing facility, is comprised of a large foyer […]
For a meeting destination to gain popularity and staying power to attract clients, it takes more than just a pretty face. The city can be scenic and beautiful with a lot of natural beauty but for meeting clients you need to expand the horizon, just a wee bit more. Firstly clients prefer direct flights to […]
Bahrain recorded a 43 per cent jump in visitor arrivals from India in 2018, with a big increase in incentive travel, with an 80 per cent increase in revenue. Bahrain Tourism & Exhibitions Authority (BTEA), which opened an office in India in January 2017, has been aggressively promoting the destination to the MICE and leisure […]
Eurail, the pan-European rail network, has announced a substantial 37 per cent permanent reduction in prices on all passes for outbound Indian travellers and global tourists to mark its 60th anniversary. The summer season is popular for Indian incentive tours as well as leisure travel and the preferential pricing is likely to lead to a […]
Penang Convention & Exhibition Bureau (PCEB) has won the bid to host the inaugural ICCA (International Congress and Convention Association) Asia Pacific Chapter Summit 2019, to be held from 5 – 6 December this year. The ICCA Asia Pacific Chapter Summit organised by the ICCA Asia Pacific Chapter and co-hosted by PCEB and Anderes Fourdy, […]