I defined the EU’s General Data Protection Regulation (GDPR) and its implications on businesses dealing with clients in the EU in my last blog. I pointed out that being in India does not remove you from its jurisdiction. The EU’s reach is long and the massive potential fines pose an existential threat to most small to medium sized businesses so if you are ignoring its impact, you do so at your peril.
It is an enduring fact that all businesses operate within the parameters of laws in their countries. Often, some regulations that are not directly enforceable in their countries and are under a bigger international umbrella tend to be put on the back burner of recognition, acceptance and compliance.
GDPR has the best intentions, in an age where cybersecurity, encryption and embedded systems are only safe until the next malicious hacker shows up, as serious data breaches in an international hospitality chain, a major Japanese consortium, and a British association of travel agents have already gravely illustrated. GDPR has stirred up what could be a hornet’s nest, once the gravity and implications sink in with the travel industry and it acknowledges that such regulations have penal implications that cannot be ignored. Most travel businesses treat client data with a degree of care that their best practices allow or are governed by laws in their country. For instance, Australia has stringent privacy laws that demand very careful treatment of client information and stipulates the deletion of such data from the business records once the purpose of obtaining the data is complete. Nicolette Hughes, director of product strategy and innovation at The Association of Superannuation Funds of Australia commented: “We treat all such data as sacrosanct and abide strictly by Australian laws. Incorporating GDPR will not be very difficult considering we already follow a discipline in the data collection and storage practice.” For instance, information pertaining to dietary preferences is considered strictly confidential in Australia. So after each event a hotel or a PCO must delete such information.
Hugo Slimbrouck, director of strategic partnerships at Ovation Global DMC, considers GDPR to be “like an approaching train which does not seem to be moving fast till it is almost upon you.” Although grey areas remain, the interpretation of GDPR and its compliance processes for various types of travel businesses will not only affect the collection and use of personal client data but also affect the marketing of events as often contact information is available on websites which are then used to email such prospects. Now, one must seek permission to email them unless one can prove ‘legitimate interest’.
Mona Abdul Manap, ceo of Place Borneo, a Malaysian DMC states candidly: “Most companies are blissfully unaware of GDPR and are yet to take cognizance of the fact that they need to comply.” For many companies in Asia, much business is conducted with other Asian companies so the segment of business with EU is not significant. That leads to apathy and the lack of urgency to deal with such issues.
The additional cost of obtaining client information, storage and security, deletion and access to clients to exercise their option of retaining or deleting partial or complete data, as well as the appointment of a data protection officer, all adds to additional fixed expenses to be incurred. The cost implication is yet to be assessed.
Compliance with GDPR in Asia seems like a long haul at this nascent stage. Firstly, Asian companies need to understand the implications and extent of confidentiality of client information and how to deal with it. Secondly, the implications of penalties consequent to any breach of the norms need to be determined. Thirdly, the methodology of compliance, how easy or difficult it will prove to be, is complex.
But if you are working with EU clients or suppliers, you need to comply.
The largest event to be held in the Arab World, Expo 2020 Dubai will be a long-term investment in the future of the country, impacting its economy by AED 122.6 billion (£26.5bn). “The Expo is a unique opportunity – we are building the Dubai Exhibition Centre – which is a brand new venue that will […]
India has the potential to become a tourism industry superpower but the lack of this government’s will to create an infrastructure for growth has resulted in dismal performances in preceding years, with inbound tourism limited to about half of the outbound tourism that the country generates. It is an industry ripe to be harvested for […]
India has climbed to second position after China in generating MICE business to Thailand. Corporate meeting and incentive travel comprises 40 per cent of the total outbound Indian visitors and 12 percent to Thailand are MICE travellers. India has recorded an 18 per cent growth in MICE visits to Thailand. Nitin Sachdeva, director of the […]
Thailand will build a new convention centre on its East coast to attract events related to high-tech industries. Thailand Convention and Exhibition Bureau (TCEB) president Chiruit Isarangkun Na Ayuthaya says a feasibility study has been conducted and the new venue will be located in one of three provinces: Rayong, Chonburi or Chachoengsao. Subject to final […]
KLM Royal Dutch Airlines is extending its connections with India with new flights and increased frequencies in 2019. From October 31, it will introduce a thrice-weekly flight from Bengaluru to Amsterdam, operating Boeing 787-9 Dreamliner aircraft with a 294-seat capacity. This is expected to ease connections to onward destinations in Europe and USA through convenient […]