NAB 17: EU Privacy Changes Raise Alarms, Covatic Offers Solution
No matter which side of the Atlantic video providers are on, they need to know about the European Union's General Data Protection Regulation (GDPR), which will create broad protections for consumer data starting on May 25, 2018.
While the final wording is still being written and finalized, the GDPR's key points are already known: Companies will only be able to store the minimum consumer data they need for their services, and will have to justify what they save. Data storage must be opt-in, while opt-out controls need to be simple to use and easily accessible. Any data breach will need to be disclosed within 72 hours, and anonymized data will still be protected. Companies will also need to create a mechanism that will erase all of a consumer's data across all databases on request.
The punishments for non-compliance will be stiff, with a top fine of four percent of the company's global turnover. This applies even to outside companies that do business within the EU. Don't think that outsourcing processing to a third-party will be an answer, as providers will still be liable if there's a data breach at a company they hire.
Just yesterday, an article on Forbes.com said there's a "worldwide climate of fear over GDPR," quoting a 2017 Veritas study showing that nearly 20 percent of organizations around the world worry that non-compliance will put them out of business.
But every problem is an opportunity, and at the NAB Show Stuart Timms, CTO of content discovery company Covatic, explained how his company has created a way to provide better video discovery while working within GDPR regulations.
Covatic's innovation is to move all viewer analysis to the consumer's own phone, putting people in charge of their own data. The video provider won't see the data, but will get content requests from it. Called domain analysis, Covatic's solution creates a timeline for each user, creating a tailored schedule for useful recommendations. For example, knowing when a consumer is commuting by car allows a provider to recommend audio podcasts at the right moment. Covatic wants to create a personal media package for all consumers based on their tastes and schedules, with its domain analysis running alongside more conventional recommendation systems.
By embracing this private and decentralized approach, Timms said, content providers can get all the customer data they need while minimizing any regulatory risk. "We see this as a sustainable approach for the industry."
The TV maker collected a range of viewing and demographic data from 11 million households for 3 years without authorization, and is paying modest fines.
The Netflix Open Connect team announced earlier this week that it would be using Transport Level Security. Here's a look at its innovative approach to protecting viewing data at scale.
The big winners are the suit's lawyers and a few unnamed charities, but mostly the lawyers.